En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

What EC2 permissions are needed to deregister-targets

0

I have a cluster of servers and on occasion there are a few updates, and those get checked, updated, but to keep from getting a complaint now and then I would like to remove the machine from the target group, update then add. I know I can do this in code-commit, etc. but for the sake of time, all of the work is in place, and the error is easy enough to follow;

An error occurred (AccessDenied) when calling the DeregisterTargets operation: User: arn:aws:sts::000000:assumed-role/role/serverID is not authorized to perform: elasticloadbalancing:DeregisterTargets

So I can add a simple permission to do that, but not finding what/where. Under permissions / EC2 I don't see any "deregister", under ELB there is a permission to DeregisterInstancesFromLoadBalancer, but when you mouse over says "Grants permission to deregister the specified instances from the specified load balancer" and I need to do this to a TargetGroup not an ELB.

So how can I grant the IAM role to remove that specific ID ? Thanks

Sujets
Sécurité, identité et conformité
Balises
Politiques IAM
Langue
English
lraymond
demandé il y a un an431 vues
2 réponses
0
Réponse acceptée

How do you remove targets?
If you are an IAM user, you will need to attach "elasticloadbalancing:DeregisterTargets" to the IAM user's policy.

profile picture
EXPERT
Riku_Kobayashi
répondu il y a un an
profile picture
EXPERT
Gary Mclean
vérifié il y a 2 mois
0

Thanks, I do not see that as an option so after some digging, it's under the awsloadbalancing V2, but appreciate that help

lraymond
répondu il y a un an

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents