Giters

cloud-custodian / cloud-custodian

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

Home Page:https://cloudcustodian.io

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Update documentation on ECS service action resize

jnancel opened this issue · comments

commented

Describe the feature

Documentation for that resize action in ecs-service resource states that required permissions are ecs:UpdateService, ecs:TagResource, ecs:UntagResource, however, even with those permissions, trying to offhours a service, I got this error :

errorMessage": "An error occurred (AccessDeniedException) when calling the RegisterScalableTarget operation: User: arn:aws:sts::123456789098:assumed-role/Custodian/custodian-ecs-business-hours-offhours is not authorized to perform: application-autoscaling:RegisterScalableTarget on resource: arn:aws:application-autoscaling:eu-west-1:123456789098:scalable-target/xxxyyyzzz because no identity-based policy allows the application-autoscaling:RegisterScalableTarget action",

Could you please update the documentation accordingly ?

Extra information or context

No response