IAM policies for AWS Elemental MediaConvert - Amazon Step Functions
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

IAM policies for AWS Elemental MediaConvert

The following example templates show how Amazon Step Functions requires you to set up your IAM policies based on the resources in your state machine definition. You can use the IAM console to add any missing role policies. For more information, see IAM Policies for integrated services and Service integration patterns.

Because MediaConvert provides partial support for resource-level access control, you must use "Resource": "*".

Run a Job (.sync)
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:PassRole", "Resource": "*" }, { "Effect": "Allow", "Action": [ "mediaconvert:CreateJob", "mediaconvert:GetJob", "mediaconvert:CancelJob" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "events:PutTargets", "events:PutRule", "events:DescribeRule" ], "Resource": [ "arn:aws:events:[[region]]:[[accountId]]:rule/StepFunctionsGetEventsForMediaConvertJobRule" ] } ] }
Request Response
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:PassRole", "Resource": "*" }, { "Effect": "Allow", "Action": [ "mediaconvert:CreateJob" ], "Resource": "*" } ] }