Amazon Elastic Container Service (ecs)

2026-04-02

12 new actions, 4 new resources, 2 new conditions | 1 updated action

Additions

    Actions
  • CreateDaemon
    • Description:  Grants permission to create a new daemon in a specified cluster
    • Access:  Write
    • Resources: 

      Name: daemon

      Required: Yes

    • Conditions: 

      ecs:cluster

      aws:ResourceTag/${TagKey}

      aws:RequestTag/${TagKey}

      aws:TagKeys

      ecs:capacity-provider

      ecs:daemon-task-definition

      ecs:enable-ecs-managed-tags

      ecs:enable-execute-command

      ecs:propagate-tags

      ecs:task-cpu

      ecs:task-memory
  • DeleteDaemon
    • Description:  Grants permission to delete a specified daemon within a cluster
    • Access:  Write
    • Resources: 

      Name: daemon

      Required: Yes

    • Conditions: 

      ecs:cluster

      aws:ResourceTag/${TagKey}
  • DeleteDaemonTaskDefinition
    • Description:  Grants permission to delete the specified daemon task definition
    • Access:  Write
    • Resources: 

      Name: daemon-task-definition

      Required: Yes

    • Conditions: 

      aws:ResourceTag/${TagKey}
  • DescribeDaemon
    • Description:  Grants permission to describe the specified daemon running in your cluster
    • Access:  Read
    • Resources: 

      Name: daemon

      Required: Yes

    • Conditions: 

      ecs:cluster

      aws:ResourceTag/${TagKey}
  • DescribeDaemonDeployments
    • Description:  Grants permission to describe one or more of your daemon deployments
    • Access:  Read
    • Resources: 

      Name: daemon

      Required: Yes

      Name: daemon-deployment

      Required: Yes

    • Conditions: 

      ecs:cluster

      aws:ResourceTag/${TagKey}

      ecs:daemon
  • DescribeDaemonRevisions
    • Description:  Grants permission to describe one or more of your daemon revisions
    • Access:  Read
    • Resources: 

      Name: daemon

      Required: Yes

      Name: daemon-revision

      Required: Yes

    • Conditions: 

      ecs:cluster

      aws:ResourceTag/${TagKey}

      ecs:daemon
  • DescribeDaemonTaskDefinition
    • Description:  Grants permission to describe a daemon task definition
    • Access:  Read
    • Resources: 

      Name: daemon-task-definition

      Required: Yes

    • Conditions: 

      aws:ResourceTag/${TagKey}
  • ListDaemonDeployments
    • Description:  Grants permission to get a list of daemon deployments for a specified daemon
    • Access:  List
    • Resources: 

      Name: daemon

      Required: Yes

    • Conditions: 

      aws:ResourceTag/${TagKey}

      ecs:cluster
  • ListDaemonTaskDefinitions
    • Description:  Grants permission to get a list of daemon task definitions that are registered to your account
    • Access:  List
  • ListDaemons
    • Description:  Grants permission to get a list of daemons that are running in a specified cluster
    • Access:  List
    • Conditions: 

      ecs:cluster
  • RegisterDaemonTaskDefinition
    • Description:  Grants permission to register a new daemon task definition from the supplied family and containerDefinitions
    • Access:  Write
    • Resources: 

      Name: daemon-task-definition

      Required: Yes

    • Conditions: 

      aws:ResourceTag/${TagKey}

      aws:RequestTag/${TagKey}

      aws:TagKeys

      ecs:privileged

      ecs:task-cpu

      ecs:task-memory
  • UpdateDaemon
    • Description:  Grants permission to modify the parameters of a daemon
    • Access:  Write
    • Resources: 

      Name: daemon

      Required: Yes

    • Conditions: 

      ecs:cluster

      aws:ResourceTag/${TagKey}

      ecs:capacity-provider

      ecs:daemon-task-definition

      ecs:enable-ecs-managed-tags

      ecs:enable-execute-command

      ecs:propagate-tags

      ecs:task-cpu

      ecs:task-memory
    Resources
  • daemon
    • Arn:  arn:${Partition}:ecs:${Region}:${Account}:daemon/${ClusterName}/${DaemonName}
    • Conditions: 

      aws:ResourceTag/${TagKey}

      ecs:cluster
  • daemon-deployment
    • Arn:  arn:${Partition}:ecs:${Region}:${Account}:daemon-deployment/${ClusterName}/${DaemonName}/${DaemonDeploymentId}
    • Conditions: 

      aws:ResourceTag/${TagKey}

      ecs:cluster

      ecs:daemon
  • daemon-revision
    • Arn:  arn:${Partition}:ecs:${Region}:${Account}:daemon-revision/${ClusterName}/${DaemonName}/${DaemonRevisionId}
    • Conditions: 

      aws:ResourceTag/${TagKey}

      ecs:cluster

      ecs:daemon
  • daemon-task-definition
    • Arn:  arn:${Partition}:ecs:${Region}:${Account}:daemon-task-definition/${DaemonTaskDefinitionFamilyName}:${DaemonTaskDefinitionRevisionNumber}
    • Conditions: 

      aws:ResourceTag/${TagKey}
    Conditions
  • ecs:daemon
    • Description:  Filters access by the ARN of an Amazon ECS daemon
    • Type:  ARN
  • ecs:daemon-task-definition
    • Description:  Filters access by the ARN of an Amazon ECS daemon task definition
    • Type:  ARN

Updates

    Actions
  • UpdateTaskSet
      Resources
    • + daemon
    • + daemon-task-definition