IAM policies for AWS Batch
The following example templates show how AWS Step Functions generates IAM policies based on the resources in your
state machine definition. For more information, see IAM Policies for integrated
services and Service integration patterns.
Because AWS Batch provides partial support for resource-level access control, you must use "Resource": "*"
.
- Run a Job (.sync)
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"batch:SubmitJob",
"batch:DescribeJobs",
"batch:TerminateJob"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"events:PutTargets",
"events:PutRule",
"events:DescribeRule"
],
"Resource": [
"arn:aws:events:[[region]]
:[[accountId]]
:rule/StepFunctionsGetEventsForBatchJobsRule"
]
}
]
}
- Request Response
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"batch:SubmitJob"
],
"Resource": "*"
}
]
}