I am trying for "IAM permissions for Fargate tasks pulling Amazon ECR images". For that I have used following task execution role policy but getting error called
Error creating IAM Role. MalformedPolicyDocument: Has prohibited field Resource
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ecr:GetAuthorizationToken",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"ecr:BatchCheckLayerAvailability",
"ecr:GetDownloadUrlForLayer",
"ecr:BatchGetImage"
],
"Resource": "*",
"Condition": {
"StringEquals": {
"aws:sourceVpce": "vpce-xxxxxx",
"aws:sourceVpc": "vpc-xxxxx"
}
}
}
]
}
Can someone help me with this issue?