0
votes

I'm learning AWS ECS Fargate. Well, I created a Task Role for my ECS containers, and I have just added some custom and non-custom policies to the role.

I can see my new role with 6 different policies attached. Anyway, I saw an example where many policies were nested in the JSON policy file and they were separated by the SID name.

I wonder which one is the best approach: to attach many policies or to build one single JSON policy file with all the policies nested and separated by SID? Thanks a lot.

1 Answer

1
votes

It really doesn't matter. Whatever is easier to maintain for you personally.

As a rule of thumb, I create managed policies if I expect to reuse them later. This way I can just reference them in a new role without writing all the same stuff all over again. If it's a policy which will never be reused, then I do it inline.
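
The single-document layout the question asks about, as an added example that is not part of the original answer: Python code that merges several policy documents into one, giving every statement its own unique Sid, and measures the result against the IAM managed policy size quota. The policy names, actions and bucket ARN are constructed sample values, and the function names are hypothetical.

```python
import json
import re

# IAM quota for one managed policy; IAM does not count whitespace toward it.
MANAGED_POLICY_MAX_CHARS = 6144

def _sid(name, index, used):
    """Build a unique Sid. IAM accepts only A-Z, a-z and 0-9 in a Sid,
    and a Sid must be unique within one policy document."""
    base = re.sub(r"[^A-Za-z0-9]", "", name) or "Stmt"
    sid = f"{base}{index}"
    while sid in used:
        index += 1
        sid = f"{base}{index}"
    used.add(sid)
    return sid

def merge_policies(policies):
    """Combine {name: policy_document} into one document, one Sid per statement."""
    merged, used = [], set()
    for name, doc in policies.items():
        statements = doc["Statement"]
        if isinstance(statements, dict):  # a lone statement may be a bare object
            statements = [statements]
        for i, stmt in enumerate(statements):
            stmt = dict(stmt)  # copy so the caller's input is left untouched
            stmt["Sid"] = _sid(name, i, used)
            merged.append(stmt)
    return {"Version": "2012-10-17", "Statement": merged}

def policy_size(doc):
    """Character count with whitespace removed, as IAM measures the quota."""
    return len(re.sub(r"\s", "", json.dumps(doc)))

# Constructed sample input: two small policies that would otherwise be
# attached to the task role separately.
SAMPLE = {
    "app-s3-read": {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject"],
         "Resource": "arn:aws:s3:::example-bucket/*"}]},
    "app-logs": {"Version": "2012-10-17", "Statement":
        {"Effect": "Allow",
         "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
         "Resource": "*"}},
}

if __name__ == "__main__":
    combined = merge_policies(SAMPLE)
    print(json.dumps(combined, indent=2))
    print(policy_size(combined), "of", MANAGED_POLICY_MAX_CHARS, "characters")
```

Both layouts grant the same permissions; the merged form trades per-policy reuse for a single document that has to stay under the size quota.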