# general


02/25/2019, 9:46 PM
I'm still a little bit confused as to how I can generate IAM policies with previously declared resources. Let say I have an ECS Fargate Task and it's execution role
Copy code
const taskRole = new aws.iam.Role('foo',{})
const task = new awsx.ecs.FargateTaskDefinition('bar',{})
I'm trying to build a lambda role that can has perms to
Copy code
          Effect: "Allow",
          Action: ["iam:PassRole"],
          Resource: [taskRole.arn]
          Effect: "Allow",
          Action: ["ecs:RunTask"],
          Resource: [task.taskDefinition.arn]
But I can't seem to find a combination of apply or pulumi.all that allows me to generate the JSON input into the role. Any ideas?