add AWS IAM policy as requirement to integrate with AWS SQS (#58)

Signed-off-by: Sandor Szücs <sandor.szuecs@zalando.de>
2025-06-05 19:57:00 +00:00 · 2019-05-17 11:07:18 +02:00
parent ffff8c2040
commit 9a234cbdac
1 changed files with 24 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -266,6 +266,30 @@ instead of a total sum.
 The AWS collector allows scaling based on external metrics exposed by AWS
 services e.g. SQS queue lengths.

+### AWS IAM role
+
+To integrate with AWS, the controller needs to run on nodes with
+access to AWS API. Additionally the controller have to have a role
+with the following policy to get all required data from AWS:
+
+```yaml
+PolicyDocument:
+  Statement:
+    - Action: 'sqs:GetQueueUrl'
+      Effect: Allow
+      Resource: '*'
+    - Action: 'sqs:GetQueueAttributes'
+      Effect: Allow
+      Resource: '*'
+    - Action: 'sqs:ListQueues'
+      Effect: Allow
+      Resource: '*'
+    - Action: 'sqs:ListQueueTags'
+      Effect: Allow
+      Resource: '*'
+  Version: 2012-10-17
+```
+
 ### Supported metrics

 | Metric | Description | Type |