ECS execution policy
Jump to navigation
Jump to search
resource "aws_iam_policy" "ecs_policy" {
name = "your-task-ecs-execution-policy"
description = "ECS execution policy"
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ecr:GetAuthorizationToken",
"ecr:BatchCheckLayerAvailability",
"ecr:GetDownloadUrlForLayer",
"ecr:BatchGetImage",
"logs:CreateLogStream",
"logs:PutLogEvents",
"ssm:GetParameters",
"secretsmanager:GetSecretValue",
"kms:Decrypt"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
EOF
}
Related
- AWS managed policy: AmazonECSTaskExecutionRolePolicy
- "ssm:GetParameters",
- "secretsmanager:GetSecretValue",
- "kms:Decrypt"
Terraform resource: aws_iam_policy, AmazonECSTaskExecutionRolePolicy
Advertising:
