Task role permission check should respect overridden task role
toricls opened this issue · comments
ECS allows users to override some parameters including the task role in the RunTask API parameter.
Currently we use the task role or the underlying EC2 instance role to check whether the ECS task has enough permission to use ECS Exec, but we should instead use the overridden task role for it as it's the actual IAM role which is used by the ECS task.