Permission for Scaling

Note

Ensure that role permissions may not update instantly. Changes may take 2-5 minutes to sync and apply.

Scaling Permissions

Functionality	AWS (IAM Role)	AZURE	GCP
Increase Node	ec2:GetLaunchTemplateData ec2:CreateLaunchTemplate ec2:RunInstances	Microsoft.Network/applicationGateways/write (applicable only for Web Portal) Microsoft.Network/networkSecurityGroups/read Microsoft.Network/networkInterfaces/write Microsoft.Network/virtualNetworks/subnets/join/action Microsoft.Network/networkSecurityGroups/join/action NOTE: Above-mentioned permissions are applicable only when existing Virtual Network is used.	compute.subnetworks.use (applicable for Marketplace only when shared VPC is used)
Decrease Node	ec2:DeleteLaunchTemplate ec2:TerminateInstances	Microsoft.Network/applicationGateways/write (applicable only for Web Portal) Microsoft.Network/networkSecurityGroups/read Microsoft.Network/networkInterfaces/write Microsoft.Network/virtualNetworks/subnets/join/action Microsoft.Network/networkSecurityGroups/join/action NOTE: Above-mentioned permissions are applicable only when existing Virtual Network is used.	compute.subnetworks.use (applicable for Marketplace only)
Increase Disk	ec2:CreateVolume ec2:AttachVolume ec2:ModifyInstanceAttribute	Not applicable
Decrease Disk	ec2:DetachVolume ec2:DeleteVolume	Not applicable
Load Balancer/ TargetGroup Entry Addition	elasticloadbalancing:DescribeTargetGroups elasticloadbalancing:RegisterTargets	Not applicable
Load Balancer/ Target Group Entry Deletion	elasticloadbalancing:DescribeTargetGroups elasticloadbalancing:DeregisterTargets	Not applicable
Target Group health check/probe path modification	“elasticloadbalancing:ModifyTargetGroup “	Not applicable

Read Also:

Managing Nodes and Services