AWS ECS Fargate not creating task AmazonECSTaskExecutionRole error

7
votes

I'm trying to launch a test task in a ECS Fargate environment from the AWS console, but every time I try to launch it, I have the error:

Execution Role Failed creation of AmazonECSTaskExecutionRole

I supposed that it was a permissions error, so I asked the account owner (I am a IAM user of another account) to give me them, and now I do but still doesn't work.

My current permissions for ECS are:

  • AmazonECS_FullAccess
  • AmazonECSTaskExecutionRolePolicy

The worst thing is that AWS doesn't give any kind of information about this error. Anyone have an idea of how to make it work?

Thank you in advance!

2
amazon-web-servicesamazon-iamamazon-ecs

2 Answers

3
votes

You need the "iam:createRole" permission.

0
votes

I was having this same issue, it wasn't related to my permissions but rather the task setup trying to access an ECR image.

I needed to create a new IAM Role that gave ECS Task access to my ECR repo, then attach that Role to Execution Role ARN for the task definition. This fixed it for both CLI and Console creation for me.