{"slug":"iam-aws-ecs","cloud":"aws","service":"ecs","title":"AWS ECS (IAM)","description":"Amazon Elastic Container Service (ECS) is a fully managed container orchestration service for running, stopping, and managing Docker containers on a cluster.","category":"compute","common_permissions":["ecs:ListClusters","ecs:ListServices","ecs:DescribeServices","ecs:ListTasks","ecs:DescribeTasks","ecs:RunTask","ecs:CreateService","ecs:TagResource"],"least_privilege_example":"{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"ecs:ListClusters\",\n        \"ecs:ListServices\",\n        \"ecs:DescribeServices\",\n        \"ecs:ListTasks\",\n        \"ecs:DescribeTasks\",\n        \"ecs:RunTask\",\n        \"ecs:CreateService\",\n        \"ecs:TagResource\"\n      ],\n      \"Resource\": \"*\"\n    }\n  ]\n}","warnings":["Avoid ecs:* — grants full control including task and service deletion","Avoid ecs:RunTask unless needed — can start arbitrary tasks consuming resources"],"docs":"https://servicereference.us-east-1.amazonaws.com/v1/ecs/ecs.json","tags":["iam","aws"],"last_verified":"2026-06-14T00:00:00.000Z","next_check":"2026-12-11T00:00:00.000Z","created_at":"2026-06-14T04:48:55.212Z","updated_at":"2026-06-14T04:48:55.212Z"}