Cannot connect to AWS: AccessDeniedException #88

@yasharne

Hi
I have an IAM policy with permission to some ECS clusters:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ecs:DescribeCapacityProviders",
                "ecs:ListTagsForResource",
                "ecs:ListTasks",
                "ecs:DescribeServices",
                "ecs:DescribeTaskSets",
                "ecs:DescribeContainerInstances",
                "ecs:DescribeTasks",
                "ecs:DescribeClusters"
            ],
            "Resource": [
                "arn:aws:ecs:ap-southeast-1:111:cluster/aaa",
                "arn:aws:ecs:ap-southeast-1:111:cluster/bbb"
            ]
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
                "ecs:ListAccountSettings",
                "ecs:DescribeTaskDefinition",
                "ecs:ListClusters"
            ],
            "Resource": "*"
        }
    ]
}

I have exported the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY and AWS_REGION, but when I run the binary, I get these errors:

2023/02/13 09:58:58 Error listing tasks of cluster arn:aws:ecs:ap-southeast-1:111:cluster/ccc: operation error ECS: ListTasks, https response error StatusCode: 400, RequestID: abc, api error AccessDeniedException: User: arn:aws:sts::111:assumed-role/monitoring/i-0abc is not authorized to perform: ecs:ListTasks on resource: * because no identity-based policy allows the ecs:ListTasks action
2023/02/13 09:58:58 failed to call service: ECS, operation: ListTasks, error: https response error StatusCode: 400, RequestID: abc, api error AccessDeniedException: User: arn:aws:sts::111:assumed-role/monitoring/i-0abc is not authorized to perform: ecs:ListTasks on resource: * because no identity-based policy allows the ecs:ListTasks action
2023/02/13 09:58:58 Error listing tasks of cluster arn:aws:ecs:ap-southeast-1:111:cluster/aaa: operation error ECS: ListTasks, https response error StatusCode: 400, RequestID: abc, api error AccessDeniedException: User: arn:aws:sts::111:assumed-role/monitoring/i-0abc is not authorized to perform: ecs:ListTasks on resource: * because no identity-based policy allows the ecs:ListTasks action
2023/02/13 09:58:58 Error listing tasks of cluster arn:aws:ecs:ap-southeast-1:111:cluster/ddd: operation error ECS: ListTasks, https response error StatusCode: 400, RequestID: abc, api error AccessDeniedException: User: arn:aws:sts::111:assumed-role/monitoring/i-0abc is not authorized to perform: ecs:ListTasks on resource: * because no identity-based policy allows the ecs:ListTasks action
2023/02/13 09:58:58 Error listing tasks of cluster arn:aws:ecs:ap-southeast-1:111:cluster/eee: operation error ECS: ListTasks, https response error StatusCode: 400, RequestID: abc, api error AccessDeniedException: User: arn:aws:sts::111:assumed-role/monitoring/i-0abc is not authorized to perform: ecs:ListTasks on resource: * because no identity-based policy allows the ecs:ListTasks action
2023/02/13 09:58:58 Error listing tasks of cluster arn:aws:ecs:ap-southeast-1:111:cluster/fff: operation error ECS: ListTasks, https response error StatusCode: 400, RequestID: abc, api error AccessDeniedException: User: arn:aws:sts::111:assumed-role/monitoring/i-0abc is not authorized to perform: ecs:ListTasks on resource: * because no identity-based policy allows the ecs:ListTasks action
2023/02/13 09:58:58 Error listing tasks of cluster arn:aws:ecs:ap-southeast-1:111:cluster/bbb: operation error ECS: ListTasks, https response error StatusCode: 400, RequestID: abc, api error AccessDeniedException: User: arn:aws:sts::111:assumed-role/monitoring/i-0abc is not authorized to perform: ecs:ListTasks on resource: * because no identity-based policy allows the ecs:ListTasks action
2023/02/13 09:58:58 Error listing tasks of cluster arn:aws:ecs:ap-southeast-1:111:cluster/ggg: operation error ECS: ListTasks, https response error StatusCode: 400, RequestID: abc, api error AccessDeniedException: User: arn:aws:sts::111:assumed-role/monitoring/i-0abc is not authorized to perform: ecs:ListTasks on resource: * because no identity-based policy allows the ecs:ListTasks action
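An added example, not part of the original issue or the project's code: it parses one of the AccessDeniedException lines above, pulls the role name out of the session ARN, and checks the posted policy for an Allow statement that covers the action on the resource the error reports. The matcher is a simplified assumption (Allow statements only, wildcards via `fnmatchcase`, no Deny, Condition or permissions-boundary evaluation), and the function names are hypothetical.

```python
import json
import re
from fnmatch import fnmatchcase

# Policy from the issue, cut down to the actions that matter here.
POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": ["ecs:ListTasks", "ecs:DescribeTasks"],
   "Resource": ["arn:aws:ecs:ap-southeast-1:111:cluster/aaa",
                "arn:aws:ecs:ap-southeast-1:111:cluster/bbb"]},
  {"Effect": "Allow", "Action": ["ecs:ListClusters"], "Resource": "*"}]}
""")

# One denial from the issue's log, trimmed to the AccessDeniedException text.
LOG = ("api error AccessDeniedException: User: "
       "arn:aws:sts::111:assumed-role/monitoring/i-0abc is not authorized to "
       "perform: ecs:ListTasks on resource: * because no identity-based policy "
       "allows the ecs:ListTasks action")

DENIAL = re.compile(r"User: (?P<principal>\S+) is not authorized to perform: "
                    r"(?P<action>\S+) on resource: (?P<resource>\S+)")

def as_list(value):
    return value if isinstance(value, list) else [value]

def parse_denial(line):
    """Principal, action and evaluated resource from a denial line, or None."""
    m = DENIAL.search(line)
    return m.groupdict() if m else None

def role_of(principal):
    """Role name from an STS assumed-role session ARN, else None."""
    m = re.fullmatch(r"arn:aws:sts::\d+:assumed-role/([^/]+)/.+", principal)
    return m.group(1) if m else None

def allowing_statements(policy, action, resource):
    """Simplified (no Deny/Condition): Allow statements matching action+resource."""
    hits = []
    for i, st in enumerate(as_list(policy["Statement"])):
        acts, ress = as_list(st.get("Action", [])), as_list(st.get("Resource", []))
        if (st.get("Effect") == "Allow"
                and any(fnmatchcase(action.lower(), a.lower()) for a in acts)
                and any(fnmatchcase(resource, r) for r in ress)):
            hits.append(i)
    return hits

if __name__ == "__main__":
    d = parse_denial(LOG)
    print(role_of(d["principal"]), d["action"], d["resource"],
          allowing_statements(POLICY, d["action"], d["resource"]))
```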
