Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

 Functionality

AWS (IAM Role)

AZURE

GCP

Increase Node

ec2:GetLaunchTemplateData
ec2:CreateLaunchTemplate
ec2:RunInstances

Custom Roles (Optional)

NOTE: Applicable only when Virtual Network is in another Resource Group.

  • Microsoft.Network/applicationGateways/write
    (applicable only for Web Portal)Microsoft.Network/networkSecurityGroups/read

  • Microsoft.Network/networkInterfaces/write

  • Microsoft.Network/virtualNetworks/subnets/join/action

  • Microsoft.Network/networkSecurityGroups/join/action

compute.subnetworks.use
(applicable for Marketplace only when shared VPC is used)

compute.instances.create
compute.disks.create
compute.disks.use
compute.instances.setServiceAccount
compute.instances.use

Decrease Node

ec2:DeleteLaunchTemplate
ec2:TerminateInstances

Custom Roles (Optional)

NOTE: Applicable only when Virtual Network is in another Resource Group.

  • Microsoft.Network/applicationGateways/write
    (applicable only for Web Portal)

  • Microsoft.Network/networkSecurityGroups/read

  • Microsoft.Network/networkInterfaces/write

  • Microsoft.Network/virtualNetworks/subnets/join/action

  • Microsoft.Network/networkSecurityGroups/join/action

compute.subnetworks.use
(applicable for Marketplace only)

compute.instances.delete
compute.instances.detachDisk
compute.disks.delete

Increase Disk

ec2:CreateVolume
ec2:AttachVolume
ec2:ModifyInstanceAttribute

 Contributor Access

compute.disks.create
compute.disks.use

Decrease Disk

ec2:DetachVolume
ec2:DeleteVolume

  Contributor Access

compute.instances.detachDisk
compute.disks.delete

Load Balancer Entry Addition

TargetGroup

elasticloadbalancing:DescribeTargetGroups

elasticloadbalancing:RegisterTargets  Contributor Access

 Microsoft.Network/applicationGateways/write
(applicable only for Web Portal)

 Instance Group

compute.instanceGroups.get
compute.instanceGroups.update

Load Balancer Entry Deletion

Target Group

elasticloadbalancing:DescribeTargetGroups

elasticloadbalancing:DeregisterTargets  Contributor Access

 Microsoft.Network/applicationGateways/write

(applicable only for Web Portal)

 Instance Group

compute.instanceGroups.get
compute.instanceGroups.update

Health Check

Target Group Health Check Probe

elasticloadbalancing:ModifyTargetGroup 

  Contributor Access

Instance Group Health Check

compute.instanceGroups.get
compute.instanceGroups.update

...