CornyDeer86 you are the best! AnxiousSeal95 thanks for your help also, we have been trying to solve this problem for a long time, and now it works like a magic.
Conclusions:

Minimal policy needed for the auto-scaling service if we want to specify the security group and subnet for the RunInstances action permissions and also use spot instances (as far as we have found so far):

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "VisualEditor0",
      "Effect": "Allow",
      "Action": [
        "ec2:CancelSpotInstanceRequests",
        "ec2:RequestSpotInstances",
        "ec2:DescribeSpotInstanceRequests",
        "ec2:DescribeInstances"
      ],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "aws:RequestedRegion": "{region}"
        }
      }
    },
    {
      "Sid": "VisualEditor1",
      "Effect": "Allow",
      "Action": [
        "ec2:TerminateInstances",
        "ec2:DeleteTags",
        "ec2:StartInstances",
        "ec2:CreateTags",
        "ec2:RunInstances",
        "ec2:StopInstances",
        "ec2:GetConsoleOutput"
      ],
      "Resource": [
        "arn:aws:ec2:{region}:{user_id}:network-interface/*",
        "arn:aws:ec2:{region}:{user_id}:subnet/subnet-{subnet_id}",
        "arn:aws:ec2:{region}:{user_id}:key-pair/*",
        "arn:aws:ec2:{region}:{user_id}:instance/*",
        "arn:aws:ec2:{region}:{user_id}:volume/*",
        "arn:aws:ec2:{region}:{user_id}:security-group/sg-{security_group_id}"
      ],
      "Condition": {
        "StringEquals": {
          "aws:RequestedRegion": "{region}"
        }
      }
    },
    {
      "Sid": "VisualEditor2",
      "Effect": "Allow",
      "Action": "ec2:RunInstances",
      "Resource": "arn:aws:ec2:{region}::image/ami-{ami_id}",
      "Condition": {
        "StringEquals": {
          "ec2:Owner": "amazon"
        }
      }
    }
  ]
}
```

One problem still exists: AWS doesn't support specifying resources for the DescribeInstances/RequestSpotInstances actions.
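A way to sanity-check a policy like the one above offline before attaching it, as an added example that is not from the original post or from the auto-scaling project: a small Python linter that flags a wildcard `Resource` on actions that accept resource-level ARNs, wildcard actions, wildcard-resource statements that are not pinned with `aws:RequestedRegion`, and ARNs that point outside the intended region. The set of resource-level actions is taken from the post's own statement split (the post notes that the Describe/RequestSpotInstances actions cannot be scoped by resource), and the filled-in region, account id, subnet, security group and AMI ids are constructed placeholders, not real resources.

```python
"""Offline least-privilege lint for an EC2 auto-scaling IAM policy (added example)."""
import json
from copy import deepcopy

# Assumption for this example: the EC2 actions the post places in the
# resource-scoped statement. Any other action may legitimately use "*".
RESOURCE_LEVEL_ACTIONS = {
    "ec2:RunInstances", "ec2:TerminateInstances", "ec2:StartInstances",
    "ec2:StopInstances", "ec2:CreateTags", "ec2:DeleteTags", "ec2:GetConsoleOutput",
}

# Constructed sample: the post's policy with fake region/account/ids filled in.
REGION = "eu-west-1"
ACCOUNT = "123456789012"
GOOD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": ["ec2:CancelSpotInstanceRequests", "ec2:RequestSpotInstances",
                       "ec2:DescribeSpotInstanceRequests", "ec2:DescribeInstances"],
            "Resource": "*",
            "Condition": {"StringEquals": {"aws:RequestedRegion": REGION}},
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": ["ec2:TerminateInstances", "ec2:DeleteTags", "ec2:StartInstances",
                       "ec2:CreateTags", "ec2:RunInstances", "ec2:StopInstances",
                       "ec2:GetConsoleOutput"],
            "Resource": [
                f"arn:aws:ec2:{REGION}:{ACCOUNT}:network-interface/*",
                f"arn:aws:ec2:{REGION}:{ACCOUNT}:subnet/subnet-0123456789abcdef0",
                f"arn:aws:ec2:{REGION}:{ACCOUNT}:key-pair/*",
                f"arn:aws:ec2:{REGION}:{ACCOUNT}:instance/*",
                f"arn:aws:ec2:{REGION}:{ACCOUNT}:volume/*",
                f"arn:aws:ec2:{REGION}:{ACCOUNT}:security-group/sg-0123456789abcdef0",
            ],
            "Condition": {"StringEquals": {"aws:RequestedRegion": REGION}},
        },
        {
            "Sid": "VisualEditor2",
            "Effect": "Allow",
            "Action": "ec2:RunInstances",
            "Resource": f"arn:aws:ec2:{REGION}::image/ami-0123456789abcdef0",
            "Condition": {"StringEquals": {"ec2:Owner": "amazon"}},
        },
    ],
}


def _as_list(value):
    """IAM allows a string or a list for Action/Resource; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _arn_region(arn):
    """Region is the 4th colon-separated field of arn:partition:service:region:account:res."""
    parts = arn.split(":")
    return parts[3] if len(parts) >= 6 else None


def lint_policy(policy, region):
    """Return a list of finding strings; an empty list means the policy passed."""
    findings = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        pinned = stmt.get("Condition", {}).get("StringEquals", {}).get("aws:RequestedRegion")
        if any(a == "*" or a.endswith(":*") for a in actions):
            findings.append(f"{sid}: wildcard Action")
        if "*" in resources:
            wide = sorted(a for a in actions if a in RESOURCE_LEVEL_ACTIONS)
            if wide:
                findings.append(f"{sid}: Resource '*' for resource-level action(s) {', '.join(wide)}")
            if pinned != region:
                findings.append(f"{sid}: Resource '*' without aws:RequestedRegion == {region}")
        for arn in resources:
            if arn != "*" and _arn_region(arn) != region:
                findings.append(f"{sid}: ARN outside {region}: {arn}")
    return findings


def widened_policy():
    """Constructed negative case: the scoped statement loosened to Resource '*'."""
    bad = deepcopy(GOOD_POLICY)
    bad["Statement"][1]["Resource"] = "*"
    return bad


if __name__ == "__main__":
    print(json.dumps(lint_policy(GOOD_POLICY, REGION), indent=2))
    print(json.dumps(lint_policy(widened_policy(), REGION), indent=2))
```

The linter deliberately accepts `Resource: "*"` for the Describe and spot-request actions, since those cannot be scoped by ARN, but insists that such a statement carries the region condition so the wildcard at least cannot reach into other regions.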