Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

 Functionality

AWS (IAM Role)

AZURE

GCP

Increase Node

ec2:GetLaunchTemplateData
ec2:CreateLaunchTemplate
ec2:RunInstances

 Microsoft.Network/applicationGateways/write
(applicable only for Web Portal)

Microsoft.Network/networkSecurityGroups/read

Microsoft.Network/networkInterfaces/write

Microsoft.Network/virtualNetworks/subnets/join/action

Microsoft.Network/networkSecurityGroups/join/action
NOTE: Above-mentioned permissions are applicable only when existing Virtual Network is used.

compute.subnetworks.use
(applicable for Marketplace only when shared VPC is used)

Decrease Node

ec2:DeleteLaunchTemplate
ec2:TerminateInstances

 Microsoft.Network/applicationGateways/write
(applicable only for Web Portal)

Microsoft.Network/networkSecurityGroups/read

Microsoft.Network/networkInterfaces/write

Microsoft.Network/virtualNetworks/subnets/join/action

Microsoft.Network/networkSecurityGroups/join/action
NOTE: Above-mentioned permissions are applicable only when existing Virtual Network is used.

compute.subnetworks.use (applicable for Marketplace only)

Increase Disk

ec2:CreateVolume
ec2:AttachVolume
ec2:ModifyInstanceAttribute

 Not applicable

 

Decrease Disk

ec2:DetachVolume
ec2:DeleteVolume

  Not applicable

 

Load Balancer/ TargetGroup Entry Addition

elasticloadbalancing:DescribeTargetGroups

elasticloadbalancing:RegisterTargets

  Not applicable

 

Load Balancer/ Target Group Entry Deletion

elasticloadbalancing:DescribeTargetGroups

elasticloadbalancing:DeregisterTargets

  Not applicable

 

Target Group health check/probe path modification

“elasticloadbalancing:ModifyTargetGroup “

  Not applicable

...

Read Also:

Managing Nodes and Services