Predictive scaling service-linked role - Amazon Auto Scaling
Permissions granted by the service-linked role Create the service-linked role (automatic)Create the service-linked role (manual)Edit the service-linked roleDelete the service-linked roleSupported Regions
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Predictive scaling service-linked role

Amazon Auto Scaling uses service-linked roles for the permissions that it requires to call other Amazon on your behalf when you work with a scaling plan. For more information, see Service-linked roles for scaling plans.

The following sections describe how to create and manage the service-linked role for predictive scaling. Start by configuring permissions to allow an IAM entity (such as a user, group, or role) to create, edit, or delete a service-linked role.

Permissions granted by the service-linked role

Amazon Auto Scaling uses the service-linked role named AWSServiceRoleForAutoScalingPlans_EC2AutoScaling to call the following actions on your behalf when you enable predictive scaling:

  • cloudwatch:GetMetricData

  • autoscaling:DescribeAutoScalingGroups

  • autoscaling:DescribeScheduledActions

  • autoscaling:BatchPutScheduledUpdateGroupAction

  • autoscaling:BatchDeleteScheduledAction

AWSServiceRoleForAutoScalingPlans_EC2AutoScaling trusts the autoscaling-plans.amazonaws.com service to assume the role.

Create the service-linked role (automatic)

You don't need to manually create the AWSServiceRoleForAutoScalingPlans_EC2AutoScaling role. Amazon creates this role for you when you create a scaling plan in your account and enable predictive scaling.

For Amazon to create a service-linked role on your behalf, you must have the required permissions. For more information, see Service-linked role permissions in the IAM User Guide.

Create the service-linked role (manual)

To create the service-linked role manually, you can use the IAM console, IAM CLI, or IAM API. For more information, see Creating a service-linked role in the IAM User Guide.

To create a service-linked role (Amazon CLI)

Use the following create-service-linked-role CLI command to create the service-linked role.

aws iam create-service-linked-role --aws-service-name autoscaling-plans.amazonaws.com

Edit the service-linked role

You can edit the description of AWSServiceRoleForAutoScalingPlans_EC2AutoScaling using IAM. For more information, see Editing a service-linked role in the IAM User Guide.

Delete the service-linked role

If you no longer need to use scaling plans, we recommend that you delete AWSServiceRoleForAutoScalingPlans_EC2AutoScaling.

You can delete a service-linked role only after you delete all scaling plans in your Amazon Web Services account that have predictive scaling enabled. This ensures that you can't inadvertently remove permissions to access your scaling plans.

You can use the IAM console, IAM CLI, or IAM API to delete the service-linked role. For more information, see Deleting a service-linked role in the IAM User Guide.

After you delete the AWSServiceRoleForAutoScalingPlans_EC2AutoScaling service-linked role, Amazon Auto Scaling creates the role again if you create a scaling plan with predictive scaling enabled.

Supported Regions

Amazon Auto Scaling supports using service-linked roles in all of the Amazon Web Services Regions where scaling plans available. For information about the Regional availability of scaling plans, see Amazon Auto Scaling endpoints and quotas in the Amazon Web Services General Reference.