IAM user is not authorized to perform: application-autoscaling:DescribeScalableTargets
8,001
Solution 1
I need to add the following custom policy to one of my permission groups
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"application-autoscaling:*",
"cloudwatch:DescribeAlarms",
"cloudwatch:PutMetricAlarm"
],
"Resource": [
"*"
]
}
]
}
Solution 2
Along with the above we need the add the IAM pass role to the policy. So the policy should look like below:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"cloudwatch:PutMetricAlarm",
"iam:GetRole",
"iam:PassRole",
"application-autoscaling:*",
"cloudwatch:DescribeAlarms"
],
"Resource": "<RESOURCE-ARN>"
}
]
}
Below is the reference URL:
[https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html][1]
Related videos on Youtube
Author by
Jason Lee
Updated on September 18, 2022Comments
-
Jason Lee about 1 year
I am trying to add autoscaling to a cluster. However I encountered the following error:
I have already added the IAM user to these new security groups:
Altogether this user has the following permissions:
AmazonSQSFullAccess AWSElasticBeanstalkFullAccess AmazonS3FullAccess CloudWatchFullAccess AmazonDynamoDBFullAccess CloudFrontFullAccess AmazonEC2FullAccess CloudWatchLogsFullAccess AmazonEC2ContainerServiceFullAccess AmazonEC2ContainerRegistryPowerUser IAMReadOnlyAccess AmazonEC2ContainerServiceAutoscaleRole
What did I miss?
EDIT:
I have added
AutoScalingFullAccess
and
ApplicationAutoScalingForAmazonAppStreamAccess
but no cigar.