diff --git a/pkg/model/iam/iam_builder.go b/pkg/model/iam/iam_builder.go index f044141bd9..071957dee3 100644 --- a/pkg/model/iam/iam_builder.go +++ b/pkg/model/iam/iam_builder.go @@ -646,6 +646,7 @@ func addMasterASPolicies(p *Policy, resource stringorslice.StringOrSlice, legacy "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLaunchConfigurations", + "autoscaling:DescribeTags", "autoscaling:GetAsgForInstance", "autoscaling:SetDesiredCapacity", "autoscaling:TerminateInstanceInAutoScalingGroup", @@ -663,6 +664,7 @@ func addMasterASPolicies(p *Policy, resource stringorslice.StringOrSlice, legacy Action: stringorslice.Of( "autoscaling:DescribeAutoScalingGroups", // aws_instancegroups.go "autoscaling:DescribeLaunchConfigurations", // aws.go + "autoscaling:DescribeTags", // auto_scaling.go "autoscaling:GetAsgForInstance", // aws_manager.go ), Resource: resource, diff --git a/pkg/model/iam/tests/iam_builder_master_legacy.json b/pkg/model/iam/tests/iam_builder_master_legacy.json index 0d4e7cae59..c375621cd5 100644 --- a/pkg/model/iam/tests/iam_builder_master_legacy.json +++ b/pkg/model/iam/tests/iam_builder_master_legacy.json @@ -18,6 +18,7 @@ "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLaunchConfigurations", + "autoscaling:DescribeTags", "autoscaling:GetAsgForInstance", "autoscaling:SetDesiredCapacity", "autoscaling:TerminateInstanceInAutoScalingGroup", diff --git a/pkg/model/iam/tests/iam_builder_master_strict.json b/pkg/model/iam/tests/iam_builder_master_strict.json index aaf2104471..c39f5ee390 100644 --- a/pkg/model/iam/tests/iam_builder_master_strict.json +++ b/pkg/model/iam/tests/iam_builder_master_strict.json @@ -56,6 +56,7 @@ "Action": [ "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeLaunchConfigurations", + "autoscaling:DescribeTags", "autoscaling:GetAsgForInstance" ], "Resource": [ diff --git a/pkg/model/iam/tests/iam_builder_master_strict_ecr.json b/pkg/model/iam/tests/iam_builder_master_strict_ecr.json index a62faf51a0..95a96bca79 100644 --- a/pkg/model/iam/tests/iam_builder_master_strict_ecr.json +++ b/pkg/model/iam/tests/iam_builder_master_strict_ecr.json @@ -56,6 +56,7 @@ "Action": [ "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeLaunchConfigurations", + "autoscaling:DescribeTags", "autoscaling:GetAsgForInstance" ], "Resource": [ diff --git a/tests/integration/update_cluster/additional_user-data/cloudformation.json b/tests/integration/update_cluster/additional_user-data/cloudformation.json index 9f01c66931..3f02fca73a 100644 --- a/tests/integration/update_cluster/additional_user-data/cloudformation.json +++ b/tests/integration/update_cluster/additional_user-data/cloudformation.json @@ -567,6 +567,7 @@ "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLaunchConfigurations", + "autoscaling:DescribeTags", "autoscaling:GetAsgForInstance", "autoscaling:SetDesiredCapacity", "autoscaling:TerminateInstanceInAutoScalingGroup", diff --git a/tests/integration/update_cluster/minimal-cloudformation/cloudformation.json b/tests/integration/update_cluster/minimal-cloudformation/cloudformation.json index 8b034be017..8a4801274c 100644 --- a/tests/integration/update_cluster/minimal-cloudformation/cloudformation.json +++ b/tests/integration/update_cluster/minimal-cloudformation/cloudformation.json @@ -567,6 +567,7 @@ "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLaunchConfigurations", + "autoscaling:DescribeTags", "autoscaling:GetAsgForInstance", "autoscaling:SetDesiredCapacity", "autoscaling:TerminateInstanceInAutoScalingGroup",