Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.iru.com/llms.txt

Use this file to discover all available pages before exploring further.

About Elastic Load Balancing (ELB)

The Elastic Load Balancing connector inventories listeners, rules, target groups, and health checks for Application, Network, and Classic load balancers. Iru uses sts:AssumeRole with your IAM role and an external ID (no traffic manipulation), metadata only.

How it works

Attach ElasticLoadBalancingReadOnly, or use the inline policy below (elasticloadbalancing:Describe* plus supporting ec2:Describe* calls ELB consoles typically need).
DetailValue
CategoryNetworking
AuthenticationCross-account IAM role

Prerequisites

  • IAM admin rights in the account that owns load balancers.
  • Connector principal + external ID from Iru.

Connect Elastic Load Balancing to Iru

Copy the trust policy from Iru

1

Open Sources

In Iru Compliance, on the left navigation bar, expand Compliance and select Sources.
Left navigation: Compliance expanded, Sources selected
2

Turn on Elastic Load Balancing

Find Elastic Load Balancing or AWS ELB (use Category or Search by name or description). On that card, turn on the toggle. Leave the wizard tab open.
3

Copy the trust policy JSON

Copy the trust policy exactly as shown in the wizard. The shape below matches what IAM expects for the role Trust policy editor (full document with Version and Statement). Always use the principal and external ID from your live wizard if they differ.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::753695775620:role/IruConnect"
      },
      "Condition": {
        "StringEquals": {
          "sts:ExternalId": "YOUR_EXTERNAL_ID"
        }
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

Create the IAM role in AWS

1

Start Create role

Open IAMRolesCreate role.
2

Configure trusted entity

Choose AWS accountAnother AWS account. Enter 753695775620 (or the ID Iru shows). Enable Require external ID and paste the external ID from Iru.
3

Attach ELB read permissions

Attach ElasticLoadBalancingReadOnly, or attach this inline policy:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "elasticloadbalancing:Describe*",
        "ec2:DescribeInstances",
        "ec2:DescribeSecurityGroups",
        "ec2:DescribeSubnets",
        "ec2:DescribeVpcs"
      ],
      "Resource": "*"
    }
  ]
}
4

Name the role and copy the ARN

Name the role, create it, and copy the Role ARN.

Submit the role ARN in Iru

1

Paste the IAM Role ARN

In the wizard tab from Iru, paste the Role ARN you copied from AWS into the field the wizard provides.
2

Confirm the source is Active

Finish the wizard until AWS ELB reads Active.

Troubleshooting

Check pop-up blocker settings for the Iru site and try again.
Fix external ID typos.
Ensure Describe coverage spans the balancer generations you still run.

Considerations

Inventory work is Regional: every enabled Region may…

Inventory work is Regional, so every enabled Region may be queried.

See also