翻訳は機械翻訳により提供されています。提供された翻訳内容と英語版の間で齟齬、不一致または矛盾がある場合、英語版が優先します。
Amazon EMR on EKS
これらのテンプレート例では、ステートマシンの定義におけるリソースに基づき、AWS Step Functions による IAM ポリシーの生成方法を示します。詳細については、以下を参照してください。
CreateVirtualCluster
リソース
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"emr-containers:CreateVirtualCluster"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "iam:CreateServiceLinkedRole",
"Resource": "arn:aws:iam::{{accountId}}:role/aws-service-role/emr-containers.amazonaws.com/AnAWSServiceRoleForAmazonEMRContainers",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "emr-containers.amazonaws.com"
}
}
}
]
}
DeleteVirtualCluster
静的リソース
- Run a Job (.sync)
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"emr-containers:DeleteVirtualCluster",
"emr-containers:DescribeVirtualCluster"
],
"Resource": [
"arn:aws:emr-containers:{{region}}:{{accountId}}:/virtualclusters/[[virtualClusterId]]"
]
}
]
}
- Request Response
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"emr-containers:DeleteVirtualCluster"
],
"Resource": [
"arn:aws:emr-containers:{{region}}:{{accountId}}:/virtualclusters/[[virtualClusterId]]"
]
}
]
}
動的リソース
- Run a Job (.sync)
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"emr-containers:DeleteVirtualCluster",
"emr-containers:DescribeVirtualCluster"
],
"Resource": [
"arn:aws:emr-containers:{{region}}:{{accountId}}:/virtualclusters/*"
]
}
]
}
- Request Response
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"emr-containers:DeleteVirtualCluster"
],
"Resource": [
"arn:aws:emr-containers:{{region}}:{{accountId}}:/virtualclusters/*"
]
}
]
}
StartJobRun
静的リソース
- Run a Job (.sync)
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "emr-containers:StartJobRun",
"Resource": [
"arn:aws:emr-containers:{{region}}:{{accountId}}:/virtualclusters/[[virtualClusterId]]"
],
"Condition": {
"StringEquals": {
"emr-containers:ExecutionRoleArn": [
"[[executionRoleArn]]"
]
}
}
},
{
"Effect": "Allow",
"Action": [
"emr-containers:DescribeJobRun",
"emr-containers:CancelJobRun"
],
"Resource": [
"arn:aws:emr-containers:{{region}}:{{accountId}}:/virtualclusters/[[virtualClusterId]]/jobruns/*"
]
}
]
}
- Request Response
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "emr-containers:StartJobRun",
"Resource": [
"arn:aws:emr-containers:{{region}}:{{accountId}}:/virtualclusters/[[virtualClusterId]]"
],
"Condition": {
"StringEquals": {
"emr-containers:ExecutionRoleArn": [
"[[executionRoleArn]]"
]
}
}
}
]
}
動的リソース
- Run a Job (.sync)
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "emr-containers:StartJobRun",
"Resource": [
"arn:aws:emr-containers:{{region}}:{{accountId}}:/virtualclusters/*"
],
"Condition": {
"StringEquals": {
"emr-containers:ExecutionRoleArn": [
"[[executionRoleArn]]"
]
}
}
},
{
"Effect": "Allow",
"Action": [
"emr-containers:DescribeJobRun",
"emr-containers:CancelJobRun"
],
"Resource": [
"arn:aws:emr-containers:{{region}}:{{accountId}}:/virtualclusters/*"
]
}
]
}
- Request Response
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "emr-containers:StartJobRun",
"Resource": [
"arn:aws:emr-containers:{{region}}:{{accountId}}:/virtualclusters/*"
],
"Condition": {
"StringEquals": {
"emr-containers:ExecutionRoleArn": [
"[[executionRoleArn]]"
]
}
}
}
]
}
