AWS Batch

These example templates show how AWS Step Functions generates IAM policies based on the resources in your state machine definition. For more information, see:

• IAM Policies for integrated services

• Service Integration Patterns

Because AWS Batch provides partial support for resource-level access control, you must use "Resource": "*".

Run a Job (.sync)

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "batch:SubmitJob",
                "batch:DescribeJobs",
                "batch:TerminateJob"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "events:PutTargets",
                "events:PutRule",
                "events:DescribeRule"
            ],
            "Resource": [
               "arn:aws:events:[[region]]:[[accountId]]:rule/StepFunctionsGetEventsForBatchJobsRule"
            ]
        }
    ]
}
        

Request Response

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "batch:SubmitJob"
            ],
            "Resource": "*"
        }
    ]
}