本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
的 IAM 政策 AWS Step Functions
對於要求單一巢狀工作流程執行的狀態機器,請使用將權限限制StartExecution為該狀態機器的 IAM 政策。
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"states:StartExecution"
],
"Resource": [
"arn:aws:states:[[region]]:[[accountId]]:stateMachine:[[stateMachineName]]"
]
}
]
}
如需詳細資訊,請參閱下列內容:
- Synchronous
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"states:StartExecution"
],
"Resource": [
"arn:aws:states:[[region]]:[[accountId]]:stateMachine:[[stateMachineName]]"
]
},
{
"Effect": "Allow",
"Action": [
"states:DescribeExecution",
"states:StopExecution"
],
"Resource": [
"arn:aws:states:[[region]]:[[accountId]]:execution:[[stateMachineName]]:*"
]
},
{
"Effect": "Allow",
"Action": [
"events:PutTargets",
"events:PutRule",
"events:DescribeRule"
],
"Resource": [
"arn:aws:events:[[region]]:[[accountId]]:rule/StepFunctionsGetEventsForStepFunctionsExecutionRule"
]
}
]
}
- Asynchronous
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"states:StartExecution"
],
"Resource": [
"arn:aws:states:[[region]]:[[accountId]]:stateMachine:[[stateMachineName]]"
]
}
]
}
如需巢狀工作流程執行的詳細資訊,請參閱從任務狀態開始工作流程執行。
