Amazon ECS customers now have additional options for controlling API access to ECS resources. With resource-level permissions (RLP) for services and task sets, you can now create IAM policies that allow or deny the ability to create, update, delete, or describe specific services and task sets.

from Recent Announcements https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-ecs-now-supports-resource-level-permissions-and-tag-based-access-controls/