diff --git a/docs/ecs-compose-examples.md b/docs/ecs-compose-examples.md
index f0e4e7f47..b87f2b9c4 100644
--- a/docs/ecs-compose-examples.md
+++ b/docs/ecs-compose-examples.md
@@ -70,6 +70,15 @@ services:
 Resource: arn:aws:sqs:us-east-1:12345678:myqueue
 ```
+Use an existing IAM role to a task:
+
+NOTE: This will override any as above mentioned in-line IAM policys.
+```yaml
+services:
+ test:
+ x-aws-iam: arn:aws:iam::123456789:role/applicationTaskRole
+```
+
 ###### Logging
 Pass options to awslogs driver
 ```yaml
diff --git a/ecs/cloudformation.go b/ecs/cloudformation.go
index 99d1af435..2686692c4 100644
--- a/ecs/cloudformation.go
+++ b/ecs/cloudformation.go
@@ -170,16 +170,21 @@ func (b *ecsAPIService) convert(ctx context.Context, project *types.Project) (*c
 }
 func (b *ecsAPIService) createService(project *types.Project, service types.ServiceConfig, template *cloudformation.Template, resources awsResources) error {
- taskExecutionRole := b.createTaskExecutionRole(project, service, template)
- taskRole := b.createTaskRole(project, service, template, resources)
-
 definition, err := b.createTaskDefinition(project, service, resources)
 if err != nil {
 return err
 }
+
+ taskExecutionRole := b.createTaskExecutionRole(project, service, template)
 definition.ExecutionRoleArn = cloudformation.Ref(taskExecutionRole)
- if taskRole != "" {
- definition.TaskRoleArn = cloudformation.Ref(taskRole)
+
+ if taskRoleArn, ok := service.Extensions[extensionIam]; ok {
+ definition.TaskRoleArn = fmt.Sprintf("%s", taskRoleArn)
+ } else {
+ taskRole := b.createTaskRole(project, service, template, resources)
+ if taskRole != "" {
+ definition.TaskRoleArn = cloudformation.Ref(taskRole)
+ }
 }
 taskDefinition := fmt.Sprintf("%sTaskDefinition", normalizeResourceName(service.Name))
diff --git a/ecs/x.go b/ecs/x.go
index f85cd3f22..f92e694e5 100644
--- a/ecs/x.go
+++ b/ecs/x.go
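Review bot: The value of `service.Extensions[extensionIam]` is copied into `definition.TaskRoleArn` through `fmt.Sprintf("%s", taskRoleArn)` with no type or content check, so a non-string or empty YAML value is formatted into the template as the task role instead of being rejected at conversion time. The same branch skips `createTaskRole` entirely, so any `x-aws-role` or `x-aws-policies` settings on the service are dropped without a diagnostic, and whatever createTaskRole derives from `resources` (its body is not in this hunk) presumably has to be granted by the external role already. I would assert the string, fail on an empty value, and return an error (or at least warn) when the extension is combined with the inline-policy ones, as sketched below; the constant added in ecs/x.go would also follow Go initialism style better as `extensionIAM`. createService continues past the end of the hunk.

```go
if raw, ok := service.Extensions[extensionIam]; ok {
	roleArn, isString := raw.(string)
	if !isString || roleArn == "" {
		return fmt.Errorf("%s must be a non-empty IAM role ARN string", extensionIam)
	}
	// An external role replaces the generated one, so reject settings that would be dropped silently.
	for _, ext := range []string{extensionRole, extensionManagedPolicies} {
		if _, set := service.Extensions[ext]; set {
			return fmt.Errorf("%s cannot be combined with %s", extensionIam, ext)
		}
	}
	definition.TaskRoleArn = roleArn
} else {
	// … unchanged: createTaskRole call and the cloudformation.Ref assignment …
}
```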
@@ -28,6 +28,7 @@ const (
 extensionMaxPercent = "x-aws-max_percent"
 extensionRetention = "x-aws-logs_retention"
 extensionRole = "x-aws-role"
+ extensionIam = "x-aws-iam"
 extensionManagedPolicies = "x-aws-policies"
 extensionAutoScaling = "x-aws-autoscaling"
 extensionCloudFormation = "x-aws-cloudformation"
diff --git a/go.mod b/go.mod
index e97afb685..0f8301cbc 100644
--- a/go.mod
+++ b/go.mod
@@ -56,7 +56,7 @@ require (
 github.com/valyala/fasttemplate v1.2.1 // indirect
 golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
- golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4
+ golang.org/x/sys v0.0.0-20210331175145-43e1dd70ce54
 google.golang.org/grpc v1.33.2
 google.golang.org/protobuf v1.25.0
 gopkg.in/ini.v1 v1.62.0