ECS execution policy

From wikieduonline
Jump to navigation Jump to search
resource "aws_iam_policy" "ecs_policy" {
  name        = "your-task-ecs-execution-policy"
  description = "ECS execution policy"

  policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "ecr:GetAuthorizationToken",
        "ecr:BatchCheckLayerAvailability",
        "ecr:GetDownloadUrlForLayer",
        "ecr:BatchGetImage",
        "logs:CreateLogStream",
        "logs:PutLogEvents",
        "ssm:GetParameters",
        "secretsmanager:GetSecretValue",
        "kms:Decrypt"
      ],
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}
EOF
}


Related[edit]


Terraform resource: aws_iam_policy, AmazonECSTaskExecutionRolePolicy

Advertising: