Policy template for sending task status to Step Functions

[gevial]

Description:

There is a pattern to coordinate queue-based Lambda function execution from a Step Function: https://aws.amazon.com/getting-started/hands-on/orchestrate-microservices-with-message-queues-on-step-functions/

The worker Lambda function in this approach needs to send task status back to the step function. Currently there is no ready-to-use policy for that in SAM.

I'm going to create a PR which adds the policy with states:SendTaskFailure, states:SendTaskHeartbeat and states:SendTaskSuccess permissions.

[gevial]

According to https://docs.aws.amazon.com/step-functions/latest/dg/concept-create-iam-advanced.html, Step Function API calls to update task status require "the ARN of the activity or the token of the instance as part of the request". Since the token is provided as an input to the worker Lambda function, I think it's safe to use Resources: "*" for this policy.

[gevial]

Here's a PR: #2194

[mildaniel]

Thank you for your contribution! We really appreciate it. Once a PR is submitted we weigh it against our roadmap, do regression testing, make sure it’s backwards compatible and maintainable. Please watch this channel from more updates, and feel free to reach out.

[bluenautilus2]

Looking forward to this!