AWS managed policies for Amazon EC2 Auto Scaling - Amazon EC2 Auto Scaling

AWS managed policies for Amazon EC2 Auto Scaling

To add permissions to users, groups, and roles, it is easier to use AWS managed policies than to write policies yourself. It takes time and expertise to create IAM customer managed policies that provide your team with only the permissions they need. To get started quickly, you can use our AWS managed policies. These policies cover common use cases and are available in your AWS account. For more information about AWS managed policies, see AWS managed policies in the IAM User Guide.

AWS services maintain and update AWS managed policies. You can't change the permissions in AWS managed policies. Services occasionally add additional permissions to an AWS managed policy to support new features. This type of update affects all identities (users, groups, and roles) where the policy is attached. Services are most likely to update an AWS managed policy when a new feature is launched or when new operations become available. Services do not remove permissions from an AWS managed policy, so policy updates won't break your existing permissions.

Additionally, AWS supports managed policies for job functions that span multiple services. For example, the ViewOnlyAccess AWS managed policy provides read-only access to many AWS services and resources. When a service launches a new feature, AWS adds read-only permissions for new operations and resources. For a list and descriptions of job function policies, see AWS managed policies for job functions in the IAM User Guide.

Amazon EC2 Auto Scaling managed policies

You can attach the following managed policies to your AWS Identity and Access Management (IAM) entities. Each policy provides access to all or some of the API actions for Amazon EC2 Auto Scaling.

  • AutoScalingFullAccess — Grants full access to Amazon EC2 Auto Scaling for users who need full Amazon EC2 Auto Scaling access from the AWS CLI or SDKs, but not AWS Management Console access.

  • AutoScalingReadOnlyAccess — Grants read-only access to Amazon EC2 Auto Scaling for users who are making calls only to the AWS CLI or SDKs.

  • AutoScalingConsoleFullAccess — Grants full access to Amazon EC2 Auto Scaling using the AWS Management Console. This policy works when you are using launch configurations, but not when you are using launch templates.

  • AutoScalingConsoleReadOnlyAccess — Grants read-only access to Amazon EC2 Auto Scaling using the AWS Management Console. This policy works when you are using launch configurations, but not when you are using launch templates.

When you are using launch templates from the console, you need to grant additional permissions specific to launch templates, which are discussed in Launch template support. The Amazon EC2 Auto Scaling console needs permissions for ec2 actions so it can display information about launch templates and launch instances using launch templates.

AutoScalingServiceRolePolicy AWS managed policy

You can't attach AutoScalingServiceRolePolicy to your IAM entities. This policy is attached to a service-linked role that allows Amazon EC2 Auto Scaling to launch and terminate instances. For more information, see Service-linked roles for Amazon EC2 Auto Scaling.

Amazon EC2 Auto Scaling updates to AWS managed policies

View details about updates to AWS managed policies for Amazon EC2 Auto Scaling since this service began tracking these changes. For automatic alerts about changes to this page, subscribe to the RSS feed on the Amazon EC2 Auto Scaling Document history page.

Change Description Date

Amazon EC2 Auto Scaling adds permissions to its service-linked role

To support predictive scaling, the AutoScalingServiceRolePolicy policy now includes permission to call the cloudwatch:GetMetricData API action. For more information, see Service-linked roles for Amazon EC2 Auto Scaling. May 19, 2021

Amazon EC2 Auto Scaling started tracking changes

Amazon EC2 Auto Scaling started tracking changes for its AWS managed policies.

May 19, 2021