## permissions needed for running container resource :IamRoleTask, 'AWS::IAM::Role' do
path '/' assume_role_policy_document( Version: '2012-10-17', Statement: [ { Effect: :Allow, Principal: { Service: 'ecs-tasks.amazonaws.com' }, Action: 'sts:AssumeRole' } ] ) # managed_policy_arns [] # policies []
end