Add note about new ECS ARN format to ECS docs (#10304)

* docs: Add note about ECS task ARN format to ECS docs
2021-05-27 10:59:28 -07:00 · 2021-05-27 10:59:28 -07:00 · e145640199
parent 847e42399b
commit e145640199
1 changed files with 4 additions and 1 deletions
--- a/website/content/docs/ecs/get-started/install.mdx
+++ b/website/content/docs/ecs/get-started/install.mdx
@ -141,7 +141,10 @@ The specific permissions needed are:

 1. `ecs:ListTasks` on resource `*`.
 1. `ecs:DescribeTasks` on all tasks in this account and region. You can either
-   use `*` for simplicity or scope it to the region and account, e.g. `arn:aws:ecs:us-east-1:1111111111111:task/*`
+   use `*` for simplicity or scope it to the region and account, e.g. `arn:aws:ecs:us-east-1:1111111111111:task/*`. If 
+   your account is configured to use the new, [longer ECS task ARN format] 
+  (https://docs.aws.amazon.com/AmazonECS/latest/userguide/ecs-account-settings.html#ecs-resource-ids)
+   then you can further scope `ecs:DescribeTasks` down to tasks in a specific cluster, e.g. `arn:aws:ecs:us-east-1:1111111111111:task/MY_CLUSTER_NAME/*`.

 The IAM role's ARN will be passed into the `mesh-task` module in the next step
 via the `task_role_arn` input.