/
Post upgrade IAM policies to use resource scaling
Document toolboxDocument toolbox

Post upgrade IAM policies to use resource scaling

Owned by Sarabjeet Kaur
Dec 19, 2024
2 min read

Case 1
To upgrade from Kyvos 2023.1.1 to Kyvos 2023.5, perform the following steps.

  1. To increase or decrease BI Server or Query Engine nodes, following permissions need to be added in IAM roles:

    { "Sid": "LaunchTemplateAndTerminateInstances", "Effect": "Allow", "Action": [ "ec2:GetLaunchTemplateData", "ec2:TerminateInstances" ], "Resource": "*", "Condition": { "StringEqualsIgnoreCase": { "ec2:ResourceTag/UsedBy": "Kyvos" } } }, { "Sid": "CreateLaunchTemplate", "Effect": "Allow", "Action": [ "ec2:RunInstances", "ec2:CreateLaunchTemplate", "ec2:DeleteLaunchTemplate" ], "Resource": "*" }

  2. The ‘CreateTags’ permission needs to be removed. Hence, to create a separate policy for creating tags. Replace the following existing policy.

    "Condition": { "StringEqualsIgnoreCase": { "ec2:ResourceTag/UsedBy": "Kyvos" } }, "Action": [ "ec2:DeleteTags", "ec2:CreateTags", "ec2:DescribeInstanceStatus" ], "Resource": "*", "Effect": "Allow", "Sid": "Ec2tagsPermissionKM" },

  3. After replacing the policy mentioned in Step-2, update the following policy.

    { "Sid": "Ec2tagsPermissionKM", "Effect": "Allow", "Action": [ "ec2:DeleteTags", "ec2:DescribeInstanceStatus" ], "Resource": "*", "Condition": { "StringEqualsIgnoreCase": { "ec2:ResourceTag/UsedBy": "Kyvos" } } }, { "Sid": "Ec2tagsPermissionKM2", "Effect": "Allow", "Action": [ "ec2:CreateTags" ], "Resource": "*" }

Case 2

In case of upgrade from Kyvos 2023.2, 2023.3, 2023.4 to Kyvos 2023.5, perform the following steps.

  1. To increase or decrease BI Server or Query Engine nodes, following permissions need to be added in IAM roles:

  2. The ‘CreateTags’ permission needs to be removed. Hence, to create a separate policy for creating tags. Replace the following existing policy.

  3. After replacing the policy mentioned in Step-2, update the following policy.

  4. Add a tag on all Query Engine and BI Server as cloudformation:stack-name and its value must be the stack name you provide.

  5. Remove the following existing policy for a condition.

  6. After removing the policy mentioned in step-5 (as mentioned above) for a condition, update the following policy.

Related content

Post upgrade IAM policies to use resource scaling
Post upgrade IAM policies to use resource scaling
Kyvos 2024.11.x
More like this
Important Points and Matrix for Scaling and Services
Important Points and Matrix for Scaling and Services
Kyvos 2024.9.x
More like this
Important Points and Matrix for Scaling and Services
Important Points and Matrix for Scaling and Services
Kyvos 2024.10.x
More like this
Important Points and Matrix for Scaling and Services
Important Points and Matrix for Scaling and Services
Kyvos 2024.12
More like this
Post-upgrade steps for nodes scaling of resources
Post-upgrade steps for nodes scaling of resources
Kyvos 2024.2
More like this
Post-upgrade steps for nodes scaling of resources
Post-upgrade steps for nodes scaling of resources
Kyvos 2024.10.x
More like this

Copyright Kyvos, Inc. All rights reserved.