Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions,
see Getting Started with Amazon Web Services in China
(PDF).
The following example templates show how Amazon Step Functions requires you to set up your IAM policies based on the resources in your state machine definition. You can use the IAM console to add any missing role policies. For more information, see How Step Functions generates IAM policies for integrated
services and Discover service integration patterns in Step Functions.
Because MediaConvert provides partial support for resource-level access control, you must use "Resource": "*".
- Run a Job (.sync)
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iam:PassRole",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"mediaconvert:CreateJob",
"mediaconvert:GetJob",
"mediaconvert:CancelJob"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"events:PutTargets",
"events:PutRule",
"events:DescribeRule"
],
"Resource": [
"arn:aws:events:[[region]]:[[accountId]]:rule/StepFunctionsGetEventsForMediaConvertJobRule"
]
}
]
}
- Request Response
-
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iam:PassRole",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"mediaconvert:CreateJob"
],
"Resource": "*"
}
]
}