Autoscaling
IAM 使用者無權執行:application-autoscaling:DescribeScalableTargets
我正在嘗試將自動縮放添加到集群。但是我遇到了以下錯誤:
我已經將 IAM 使用者添加到這些新的安全組中:
該使用者共有以下權限:
AmazonSQSFullAccess AWSElasticBeanstalkFullAccess AmazonS3FullAccess CloudWatchFullAccess AmazonDynamoDBFullAccess CloudFrontFullAccess AmazonEC2FullAccess CloudWatchLogsFullAccess AmazonEC2ContainerServiceFullAccess AmazonEC2ContainerRegistryPowerUser IAMReadOnlyAccess AmazonEC2ContainerServiceAutoscaleRole
我錯過了什麼?
編輯:
我已經添加了
AutoScalingFullAccess
和
ApplicationAutoScalingForAmazonAppStreamAccess
但沒有雪茄。
我需要將以下自定義策略添加到我的權限組之一
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "application-autoscaling:*", "cloudwatch:DescribeAlarms", "cloudwatch:PutMetricAlarm" ], "Resource": [ "*" ] } ] }
除上述內容外,我們還需要將 IAM 通行證角色添加到策略中。所以策略應該如下所示:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "cloudwatch:PutMetricAlarm", "iam:GetRole", "iam:PassRole", "application-autoscaling:*", "cloudwatch:DescribeAlarms" ], "Resource": "<RESOURCE-ARN>" } ] }
以下是參考網址:
[https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html]$$ 1 $$