If I remember correctly, the error identification in boto3 is not too transparent, and some specific cases would need to be parsed from the error message (text) or are even not specifically identifiable. But there is a good chance, that this changed by now.
I agree, that the described scenario can be misleading, as the error message suggests, that the TD does not exist - independent from permissions.
I have two follow up questions:
would you please briefly describe your permissions setup? What kind of restrictions did you apply to the task definitions and/or user?
Do you have the original error object/details of this operation which comes from boto3? What does the ClientError exactly look like?