1 Answer
- Newest
- Most votes
- Most comments
1
Hi,
According to the following AWS Github repository issue, you should use Resources: "*"
for this policy.
According to https://docs.aws.amazon.com/step-functions/latest/dg/concept-create-iam-advanced.html, Step Function API calls to update task status require "the ARN of the activity or the token of the instance as part of the request". Since the token is provided as an input to the worker Lambda function, I think it's safe to use Resources: "*" for this policy.
Relevant content
- asked a year ago
- asked 7 years ago
- asked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 3 years ago