Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.iru.com/llms.txt

Use this file to discover all available pages before exploring further.

About AWS Auto Scaling

AWS exposes two scaling planes: EC2 Auto Scaling (autoscaling:) for Auto Scaling groups and Application Auto Scaling (application-autoscaling:) for ECS, DynamoDB, Aurora, Spot Fleet, and similar. Iru needs both read paths for full coverage.

How it works

Attach AutoScalingReadOnlyAccess, then add an inline policy for application-autoscaling:Describe* (see below). The role is global; resources are Regional.
DetailValue
CategoryInfrastructure
AuthenticationCross-account IAM role

Prerequisites

  • IAM rights to create roles and attach the managed + inline policies below.

Connect AWS Auto Scaling to Iru

Copy the trust policy from Iru

1

Open Sources

In Iru Compliance, on the left navigation bar, expand Compliance and select Sources.
Left navigation: Compliance expanded, Sources selected
2

Turn on AWS Auto Scaling

Find AWS Auto Scaling (use Category or Search by name or description). On that card, turn on the toggle. Leave the wizard tab open.
3

Copy the trust policy JSON

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::753695775620:role/IruConnect"
      },
      "Condition": {
        "StringEquals": {
          "sts:ExternalId": "YOUR_EXTERNAL_ID"
        }
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

Create the IAM role in AWS

1

Start Create role

Open IAMRolesCreate role.
2

Configure trusted entity

Choose AWS accountAnother AWS account. Enter 753695775620 (or the ID Iru shows). Enable Require external ID and paste the external ID from Iru.
3

Attach AutoScalingReadOnlyAccess

Attach the AWS managed policy AutoScalingReadOnlyAccess.
4

Add Application Auto Scaling inline policy

Add an inline policy with this JSON:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "application-autoscaling:DescribeScalableTargets",
        "application-autoscaling:DescribeScalingActivities",
        "application-autoscaling:DescribeScalingPolicies",
        "application-autoscaling:DescribeScheduledActions"
      ],
      "Resource": "*"
    }
  ]
}
5

Name the role and copy the ARN

Name the role, create it, and copy the Role ARN.
6

Verify the trust relationship

Confirm Trust relationships matches the wizard JSON.

Submit the role ARN in Iru

1

Paste the IAM Role ARN

Paste the Role ARN into the connector where the wizard prompts for it.
2

Confirm the source is Active

Submit until AWS Auto Scaling shows Active.

Troubleshooting

Check pop-up blocker settings for the Iru site and try again.
You only attached AutoScalingReadOnlyAccess - add the application-autoscaling inline policy.
External ID mismatch.

See also