Add PassRole permissions to sample policy

clareliguori · clareliguori · commit 87fe2120fc81 · 2019-11-02T23:05:30.000-07:00
diff --git a/README.md b/README.md
@@ -44,6 +44,17 @@ This action requires the following minimum set of permissions:
          ],
          "Resource":"*"
       },
+      {
+         "Sid":"PassRolesInTaskDefinition",
+         "Effect":"Allow",
+         "Action":[
+            "iam:PassRole"
+         ],
+         "Resource":[
+            "arn:aws:iam::<aws_account_id>:role/<task_definition_task_role_name>",
+            "arn:aws:iam::<aws_account_id>:role/<task_definition_task_execution_role_name>"
+         ]
+      },
       {
          "Sid":"DeployService",
          "Effect":"Allow",
@@ -52,7 +63,7 @@ This action requires the following minimum set of permissions:
             "ecs:DescribeServices"
          ],
          "Resource":[
-            "arn:aws:ecs:region:aws_account_id:service/cluster-name/service-name"
+            "arn:aws:ecs:region:<aws_account_id>:service/<cluster_name>/<service_name>"
          ]
       }
    ]
