With IAM roles for Amazon ECS tasks, you can specify an IAM role that can be used by the containers in a task to access AWS resources.
With Cloud Formation, you need to add a
TaskRoleArn to the
TaskDefinition.Properties. Then you need to add appropriate policies to the role to have permissions that are used in your task code.