Closed dogzzdogzz closed 3 years ago
The policy I use is:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Action": [
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:DetachInstances"
],
"Resource": "*"
}
]
}
Hi,
We removed most of IAM policy from instance role of worker node since EKS support IAM roles for service account and some apps like cluster-autoscaler already support it.
but we got below error log
I think this is because we turned the ASG detach feature, so I'm wondering if spot-termination-handler support IAM roles for service account ? If not, what are the minimum required IAM policies for it so I can added it back to instance role? It would be appreciated if you can document on README,
Thanks.