Amazon EC2 Container Service
Developer Guide (API Version 2014-11-13)

Creating Amazon ECS IAM Policies

You can create specific IAM policies to restrict the calls and resources that users in your account have access to, and then attach those policies to IAM users.

When you attach a policy to a user or group of users, it allows or denies the users permission to perform the specified tasks on the specified resources. For more general information about IAM policies, see Permissions and Policies in the IAM User Guide. For more information about managing and creating custom IAM policies, see Managing IAM Policies.

To create an IAM policy for a user

  1. Open the IAM console at

  2. In the navigation pane, choose Policies and then choose Create Policy.

  3. In the Create Policy section, choose Select next to Create Your Own Policy.

  4. In the Policy Name field, type your own unique name, such as AmazonECSUserPolicy.

  5. In the Policy Document field, paste the policy to apply to the user. For example policies, see Amazon ECS IAM Policy Examples.

  6. Choose Create Policy to finish.

To attach an IAM policy to a user

  1. Open the IAM console at

  2. In the navigation pane, choose Users and then choose the user you would like to attach the policy to.

  3. Choose Permissions, Add permissions.

  4. In the Grant permissions section, choose Attach existing policies directly.

  5. Select the custom policy that you created in the previous procedure and choose Next: Review.

  6. Review your details and choose Add permissions to finish.