Autoscaling

IAM 使用者無權執行:application-autoscaling:DescribeScalableTargets

  • July 30, 2019

我正在嘗試將自動縮放添加到集群。但是我遇到了以下錯誤:

在此處輸入圖像描述

我已經將 IAM 使用者添加到這些新的安全組中:

在此處輸入圖像描述

在此處輸入圖像描述

該使用者共有以下權限:

AmazonSQSFullAccess
 AWSElasticBeanstalkFullAccess
 AmazonS3FullAccess
 CloudWatchFullAccess
 AmazonDynamoDBFullAccess
 CloudFrontFullAccess
 AmazonEC2FullAccess
 CloudWatchLogsFullAccess
 AmazonEC2ContainerServiceFullAccess
 AmazonEC2ContainerRegistryPowerUser
 IAMReadOnlyAccess
 AmazonEC2ContainerServiceAutoscaleRole

我錯過了什麼?

編輯:

我已經添加了

AutoScalingFullAccess

ApplicationAutoScalingForAmazonAppStreamAccess

但沒有雪茄。

我需要將以下自定義策略添加到我的權限組之一

{
 "Version": "2012-10-17",
 "Statement": [
   {
     "Effect": "Allow",
     "Action": [
       "application-autoscaling:*",
       "cloudwatch:DescribeAlarms",
       "cloudwatch:PutMetricAlarm"
     ],
     "Resource": [
       "*"
     ]
   }
 ]
}

來源:http ://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-auto-scaling.html#auto-scaling-IAM

除上述內容外,我們還需要將 IAM 通行證角色添加到策略中。所以策略應該如下所示:

{
   "Version": "2012-10-17",
   "Statement": [
       {
           "Sid": "VisualEditor0",
           "Effect": "Allow",
           "Action": [
               "cloudwatch:PutMetricAlarm",
               "iam:GetRole",
               "iam:PassRole",
               "application-autoscaling:*",
               "cloudwatch:DescribeAlarms"
           ],
           "Resource": "<RESOURCE-ARN>"
       }
   ]
}

以下是參考網址:

[https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html]$$ 1 $$

引用自:https://serverfault.com/questions/854143