AWS Batch IAM permission for S3

[Marco Blanchette]

I guys, we're just getting our feet wet with using NextFlow to trigger jobs with AWS Batch. Currently, I'm struggling with policies, this might probably be more a topic to for AWS but I figured someone might have experience something similar.

Our goal is to use IAM role to pass permission down the batch tasks but right now, even the basic stuff fails. 

I have a vanilla Compute Environment configured using the AWS wizard and a Job queue, awsJQ, pointing to that CE. 

I have a docker with only the aws cli installed on it (docker hub mblanche/awscli)

The NextFlow script is simple:

num = Channel.from( 1, 2, 3 )

workDir = 's3://tower-ops-2/work/'

process echoTest {

    executor = 'awsbatch'

    queue = 'awsJQ'

    container = 'mblanche/awscli'

    input:

    val x from num

    """

    echo 'Hello World!'

    """

}

The error I'm getting is a S3 permission problem.

My IAM role has admin, I have set a passRole to an all S3 task and still nothing is working.

Any help or pointer here would be appreciated.