Policy Simulator failed for AmazonECSTaskExecutionRolePolicy

0

Why did the Policy Simulator fail for AmazonECSTaskExecutionRolePolicy?

Please, see the screenshot in attachment.


Asked a year ago, 202 views
2 Answers
2
Accepted Answer

Hi,

It's because there is no allow statement for ECS. In the first simulation, I replicated as you did and in the second one I added "ecs:RunTask" in the same policy and then tested, policy simulator showed me as allowed for RunTask.

Simulation1

Simulation2

Feel free to comment here, if you see any further challenge, I'm happy to help. If that answers your question, please accept the answer.

PS: If you look at description of AmazonECSTaskExecutionRolePolicy, it says that it "Provides access to other AWS service resources that are required to run Amazon ECS tasks". Hope that helps.

AWS EXPERT, answered a year ago
EXPERT, reviewed a year ago
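
The evaluation described in the accepted answer, as an added example that is not part of the original thread: a simplified local model of IAM policy evaluation (no Condition, NotAction or NotResource support) that returns the same decision names the Policy Simulator reports. The policy document is a constructed copy of the managed policy's statement, and `RUN_TASK_POLICY` is a hypothetical customer policy standing in for the one added in the second simulation.

```python
import fnmatch

# Constructed copy of the managed policy's single statement (assumption:
# it matches the version AWS currently publishes; verify in the IAM console).
EXECUTION_ROLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": [
            "ecr:GetAuthorizationToken",
            "ecr:BatchCheckLayerAvailability",
            "ecr:GetDownloadUrlForLayer",
            "ecr:BatchGetImage",
            "logs:CreateLogStream",
            "logs:PutLogEvents",
        ],
        "Resource": "*",
    }],
}

# Hypothetical extra policy granting the action tested in the second simulation.
RUN_TASK_POLICY = {
    "Version": "2012-10-17",
    "Statement": {"Effect": "Allow", "Action": "ecs:RunTask", "Resource": "*"},
}


def _as_list(value):
    """IAM accepts a single value or a list for Statement/Action/Resource."""
    return value if isinstance(value, list) else [value]


def _matches(patterns, value, ignore_case=False):
    """Wildcard match; action names are case-insensitive, ARNs are not."""
    if ignore_case:
        patterns, value = [p.lower() for p in _as_list(patterns)], value.lower()
    return any(fnmatch.fnmatchcase(value, p) for p in _as_list(patterns))


def simulate(policies, action, resource="*"):
    """Return 'allowed', 'explicitDeny' or 'implicitDeny' for one request."""
    decision = "implicitDeny"  # default when no statement matches the request
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            if not (_matches(stmt["Action"], action, ignore_case=True)
                    and _matches(stmt["Resource"], resource)):
                continue
            if stmt["Effect"] == "Deny":
                return "explicitDeny"  # an explicit deny always wins
            decision = "allowed"
    return decision
```

`simulate([EXECUTION_ROLE_POLICY], "ecs:RunTask")` yields `implicitDeny` because no statement names any `ecs:` action; adding `RUN_TASK_POLICY` to the list changes the result to `allowed`.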
0

Thanks. I am new to AWS and I created a new user group with minimal rights to run ECS tasks.

According to your answer, that means that I have to add the permission ecs:RunTask additionally to the AmazonECSTaskExecutionRolePolicy that comes predefined with AWS. This role or at least its name or description is really confusing.

I will adjust the permissions for the group. Thanks!

  • Absolutely. Yes, permission should be there. Role name may be misinterpreted but description explains it well. Feel free to post your questions here on repost. This community would always be ready to help along with your learning journey.
