Permissions: IAM 执行角色必须配置具有允许对其他 AWS 服务执行必要操作的权限。例如,如果您的状态机需要调用 AWS Lambda 函数,则 IAM 角色必须具有 lambda:InvokeFunction 权限。同样,如果它需要写入 DynamoDB,则必须授予适当的权限(dynamodb:PutItem、dynamodb:UpdateItem 等)。
Enumeration
ReadOnlyAccess 策略足以满足以下所有枚举操作。
# State machines ### List state machinesawsstepfunctionslist-state-machines## Retrieve informatio about the specified state machineawsstepfunctionsdescribe-state-machine--state-machine-arn<value>## List versions for the specified state machineawsstepfunctionslist-state-machine-versions--state-machine-arn<value>## List aliases for the specified state machineawsstepfunctionslist-state-machine-aliases--state-machine-arn<value>## Retrieve information about the specified state machine aliasawsstepfunctionsdescribe-state-machine-alias--state-machine-alias-arn<value>## List executions of a state machineaws stepfunctions list-executions --state-machine-arn <value> [--status-filter <RUNNING | SUCCEEDED | FAILED | TIMED_OUT | ABORTED | PENDING_REDRIVE>] [--redrive-filter <REDRIVEN | NOT_REDRIVEN>]
## Retrieve information and relevant metadata about a state machine execution (output included)awsstepfunctionsdescribe-execution--execution-arn<value>## Retrieve information about the state machine associated to the specified executionawsstepfunctionsdescribe-state-machine-for-execution--execution-arn<value>## Retrieve the history of the specified execution as a list of eventsaws stepfunctions get-execution-history --execution-arn <value> [--reverse-order | --no-reverse-order] [--include-execution-data | --no-include-execution-data]
## List tags for the specified step Functions resourceawsstepfunctionslist-tags-for-resource--resource-arn<value>## Validate the definition of a state machine without creating the resourceawsstepfunctionsvalidate-state-machine-definition--definition<value> [--type <STANDARD|EXPRESS>]# Activities ### List existing activitiesawsstepfunctionslist-activities## Retrieve information about the specified activityawsstepfunctionsdescribe-activity--activity-arn<value># Map Runs ### List map runs of an executionawsstepfunctionslist-map-runs--execution-arn<value>## Provide information about the configuration, progress and results of a Map Runawsstepfunctionsdescribe-map-run--map-run-arn<value>## Lists executions of a Map Runaws stepfunctions list-executions --map-run-arn <value> [--status-filter <RUNNING | SUCCEEDED | FAILED | TIMED_OUT | ABORTED | PENDING_REDRIVE>] [--redrive-filter <REDRIVEN | NOT_REDRIVEN>]