amazon-web-services, amazon-iam, state-machine, aws-step-functions, x-ray

What permissions need to be included for an AWS Step Functions role to enable X-Ray?


I'm currently looking at some resources on how to enable X-Ray for my Step Functions state machine, from this tutorial: https://docs.aws.amazon.com/step-functions/latest/dg/concepts-xray-tracing.html#xray-concept-create

"When you enable X-Ray for an existing state machine, you must ensure that you have an IAM policy that grants sufficient permissions for X-Ray to perform traces. You can either add one manually, or generate one. For more information, see the IAM policy section for X-Ray."

There are so many permissions for X-Ray; I wonder which ones I need. I'd like to add them to my Step Functions role manually, but I don't want to add all of them, including the unneeded ones.


Solution

  • The following links will guide you based on your use case:

    1. Basic IAM permissions policy. I would suggest starting with this, then reducing or adding permissions based on your use cases.

    2. How AWS X-Ray works with IAM, in a bit more detail.

    Furthermore, you can use the AWS Policy Generator to make things easier. There, AWS X-Ray actions are listed when Type of Policy is set to IAM Policy.
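An added example, not part of the original answer: a small offline check that compares a role's policy document against a minimal X-Ray action set and reports what is missing and what is broader than needed. The four actions in `REQUIRED` are an assumption based on the Step Functions developer guide and should be confirmed against the documentation linked in the question; the function name and sample policies are constructed for illustration.

```python
import fnmatch
import json

# Assumption: the four actions the Step Functions developer guide lists for
# X-Ray tracing; confirm against the documentation linked in the question.
REQUIRED = {
    "xray:PutTraceSegments",
    "xray:PutTelemetryRecords",
    "xray:GetSamplingRules",
    "xray:GetSamplingTargets",
}

def _as_list(value):
    """IAM accepts a single value or a list for Statement and Action."""
    return [value] if isinstance(value, (str, dict)) else list(value or [])

def audit_xray_policy(policy_json):
    """Return (missing, excess) for the Allow statements of an identity policy.
    missing: required actions that no Allow pattern covers.
    excess:  Allow patterns granting more than the four required actions.
    Deny, NotAction and Condition elements are not evaluated here."""
    policy = json.loads(policy_json)
    patterns = set()
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action")):
            # IAM action names are case-insensitive and accept * and ? wildcards.
            if action == "*" or action.lower().startswith("xray:"):
                patterns.add(action)

    def covered(required):
        return any(fnmatch.fnmatchcase(required.lower(), p.lower()) for p in patterns)

    required_lower = {a.lower() for a in REQUIRED}
    missing = sorted(a for a in REQUIRED if not covered(a))
    excess = sorted(p for p in patterns if p.lower() not in required_lower)
    return missing, excess

# Constructed sample policies (not taken from any real account).
BROAD = '{"Version":"2012-10-17","Statement":{"Effect":"Allow","Action":"xray:*","Resource":"*"}}'
PARTIAL = json.dumps({"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Resource": "*",
    "Action": ["xray:PutTraceSegments", "xray:PutTelemetryRecords", "xray:BatchGetTraces"]}]})
MINIMAL = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": sorted(REQUIRED), "Resource": "*"}]})

if __name__ == "__main__":
    for name, doc in (("broad", BROAD), ("partial", PARTIAL), ("minimal", MINIMAL)):
        print(name, audit_xray_policy(doc))
```

A policy that returns two empty lists grants exactly the minimal set; anything in the second list is a candidate for removal from the state machine's role.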