Clarifying behavior of ECS:listTask()

Question

Does `ECS:ListTasks` fetch all tasks and only returns those who match a filter of the cluster parameter, or only queries the provided cluster?

I am testing restricting resource access for an iam role for a tool that works with ECS to specific clusters. In testing I am finding that even if I specify the `cluster` parameter in a `ECS:ListTasks` call, an error occurs with permissions indicating the role doesn't have access to `ListTasks` on `resources: *`.  This behavior is the same if we use the cluster name or ARN.

Answer

Hello.

Can you share me below information?

1) the result of a below command
```
$ aws sts get-caller-identity
{
    "UserId": "***",
    "Account": "***",
    "Arn": "arn:aws:iam::***:user/***"
}
```

2) a policy to allow `ListTasks` permission for above IAM principal (e.g., IAM User, IAM Role, ... etc.)

3) Share me `ListTasks` commands you executed

Example)

```
$ aws ecs list-tasks --cluster 
```

Thank you.

Myungsup Kwak

Clarifying behavior of ECS:listTask()

相关内容