EventBridge IAM role - Amazon Batch
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

EventBridge IAM role

Amazon EventBridge delivers a near-real time stream of system events that describe changes in Amazon resources. Amazon Batch jobs are available as EventBridge targets. Using simple rules that you can quickly set up, you can match events and submit Amazon Batch jobs in response to them. Before you can submit Amazon Batch jobs with EventBridge rules and targets, EventBridge must have permissions to run Amazon Batch jobs on your behalf.

Note

When you create a rule in the EventBridge console that specifies an Amazon Batch queue as a target, you can create this role. For an example walkthrough, see Amazon Batch jobs as EventBridge targets. You can create the EventBridge role manually using the IAM console. For instructions, see Creating a role using custom trust policies (console) in the IAM User Guide.

The trust relationship for your EventBridge IAM role must provide the events.amazonaws.com service principal the ability to assume the role.

{ "Version": "2012-10-17", "Statement": [ { "Sid": "", "Effect": "Allow", "Principal": { "Service": "events.amazonaws.com" }, "Action": "sts:AssumeRole" } ] }

Make sure that the policy that's attached to your EventBridge IAM role allows batch:SubmitJob permissions on your resources. In the following example, Amazon Batch provides the AWSBatchServiceEventTargetRole managed policy to provide these permissions.

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "batch:SubmitJob" ], "Resource": "*" } ] }