Merge pull request #125 from JahedZ/main

feat/autoupdates: extend IAM permissions for container execution roles
data-dot-all · Sep 5, 2022 · 9d920f6 · 9d920f6
2 parents 7cf1177 + 5782ac4
commit 9d920f6
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/deploy/stacks/container.py b/deploy/stacks/container.py
@@ -348,6 +348,12 @@ def create_task_role(self, envname, resource_prefix):
                         f'arn:aws:iam::{self.account}:role/{resource_prefix}-{envname}-ecs-tasks-role',
                     ],
                 ),
+                iam.PolicyStatement(
+                    actions=[
+                        'ecs:ListTasks',
+                    ],
+                    resources=['*'],
+                ),
                 iam.PolicyStatement(
                     actions=[
                         's3:GetObject',