I want to add a new cloud and and a new slave template. I use the same iam policy showed in the documentation. And I chose the name of the ECS Cluster to "default". when I created a slave template and click save, it showed the JAVA error " Caused by: com.amazonaws.AmazonServiceException: User: arn:aws:iam::040653710277:user/ecs-jenkinsbot is not authorized to perform: ecs:RegisterTaskDefinition on resource: * (Service: AmazonECS; Status Code: 400; Error Code: AccessDeniedException; Request ID: 8b5a6f59-efa5-11e5-bf1e-5fbd8a5dcc6b)]". After I changed the IAM role, problem solved. However, I just want jenkins to ONLY have permissions to register task in my cluster default. So what shall I do?