diff --git a/terraform/iam.tf b/terraform/iam.tf
index fc7c6a916..7fd3ccf9c 100644
--- a/terraform/iam.tf
+++ b/terraform/iam.tf
@@ -37,3 +37,30 @@ resource "aws_iam_role" "wfprev_ecs_task_execution_role" {
 name = var.ecs_task_execution_role_name
 assume_role_policy = data.aws_iam_policy_document.ecs_task_execution_role.json
 }
+
+resource "aws_iam_role_policy_attachment" "wfprev_ecs_task_execution_changelogs" {
+ role = aws_iam_role.wfprev_ecs_task_execution_role.name
+ policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
+}
+
+resource "aws_iam_role_policy" "wfprev_ecs_task_execution_cwlogs" {
+ name = "ecs_task_execution_cwlogs"
+ role = aws_iam_role.wfprev_ecs_task_execution_role.id
+
+ policy = <<-EOF
+ {
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Effect": "Allow",
+ "Action": [
+ "logs:CreateLogGroup"
+ ],
+ "Resource": [
+ "arn:aws:logs:*:*:*"
+ ]
+ }
+ ]
+ }
+EOF
+}
\ No newline at end of file
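Review bot: The inline policy `wfprev_ecs_task_execution_cwlogs` allows `logs:CreateLogGroup` on `arn:aws:logs:*:*:*`, so the task execution role can create log groups under any name and in any region rather than only the ones this service writes to. Scope the `Resource` entry to the intended log groups, e.g. `"arn:aws:logs:<REGION>:<ACCOUNT_ID>:log-group:<LOG_GROUP_PREFIX>*"` (placeholders; the real values are not visible in this hunk), or pre-create the log group in Terraform so the grant is not needed at all. The context lines show this file already builds the assume-role policy with `data.aws_iam_policy_document`, so using the same data source here would be more consistent than a heredoc JSON string. The attachment's label `wfprev_ecs_task_execution_changelogs` also does not describe what it attaches (the AWS-managed `AmazonECSTaskExecutionRolePolicy`); a clearer label would help if it is not yet applied anywhere.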