Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Scheduled AWS Batch Job with EventBridge Not Working

0

What I am trying to do:

  • Use Eventbridge to schedule an AWS Batch job to run daily.

The problem:

  • I've created a rule in Eventbridge for a working AWS batch job., but it's is not being kicked off at the scheduled time.

The only thing that I can think of that is going wrong is maybe I don't have the correct role type, trust relationship and policy for the rule? Any help provided would be greatly appreciated, thank you!

Role Information

Role use case type: Allows EC2 instances to call aws services on your behalf

Trust Relationships

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "ec2.amazonaws.com"
            },
            "Action": "sts:AssumeRole"
        },
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "events.amazonaws.com"
            },
            "Action": "sts:AssumeRole"
        }
    ]
}

Permissions (related to EventBridge only): AWSBatchServiceEventTargetRole

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "batch:SubmitJob"
            ],
            "Resource": "*"
        }
    ]
}
Tópicos
Sem servidorIntegração de aplicativosComputaçãoSegurança, identidade e conformidade
Tags
Amazon EventBridgeAWS BatchPolíticas do IAMAgendamento de trabalhos
Idioma
English
AWS-User-5206330
feita há 2 anos1678 visualizações
1 Resposta
0

Hi, I have checked one of our functioning EventBridge rules with AWS Batch jobs target. Provided Role has following Trust Relationship:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "events.amazonaws.com"
            },
            "Action": "sts:AssumeRole"
        }
    ]
}

And following permission in the Policy:

{
    "Statement": [
        {
            "Action": [
                "batch:SubmitJob"
            ],
            "Effect": "Allow",
            "Resource": [
                "arn:aws:batch:region:account-number:job-definition/our-job-xxxxxxx",
                "arn:aws:batch:region:account-number:job-definition/our-job-xxxxxxx:*",
                "arn:aws:batch:region:account-number:job-queue/our-job-xxxxxxx"
            ]
        }
    ],
    "Version": "2012-10-17"
}

Also check, whether your Cron expression is OK.

Tomas Bartek
respondido há 2 anos
  • AWS-User-5206330
    há 2 anos

    Thanks a ton for responding, it's very helpful.

    I have mine scheduled to run every 1 minute right using the fixed rate option, so I think we are good on that front.

    Will you confirm the use case you selected for your role and the name of permissions policy you used for your rule? I ask because I had to create an inline policy to give explicit permissions for my job definitions and queue.

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante