diff --git a/templates/aws-stack.yml b/templates/aws-stack.yml index 80e5f2abb..aeb601966 100644 --- a/templates/aws-stack.yml +++ b/templates/aws-stack.yml @@ -110,6 +110,7 @@ Metadata: - RootVolumeIops - RootVolumeThroughput - ManagedPolicyARNs + - ScalerManagedPolicyARNs - InstanceRoleARN - InstanceRoleName - InstanceRolePermissionsBoundaryARN @@ -816,6 +817,11 @@ Parameters: Description: Optional - Comma separated list of managed IAM policy ARNs to attach to the instance role. Default: "" + ScalerManagedPolicyARNs: + Type: CommaDelimitedList + Description: Optional - Comma separated list of managed IAM policy ARNs to attach to the autoscaling Lambda execution role. + Default: "" + IMDSv2Tokens: Type: String Description: > @@ -2864,6 +2870,7 @@ Resources: BuildkiteAgentTokenParameter: !If [ UseCustomerManagedParameterPath, !Ref BuildkiteAgentTokenParameterStorePath, !Ref BuildkiteAgentTokenParameter ] BuildkiteAgentTokenParameterStoreKMSKey: !If [ UseCustomerManagedKeyForParameterStore, !Ref BuildkiteAgentTokenParameterStoreKMSKey, "" ] RolePermissionsBoundaryARN: !If [ SetInstanceRolePermissionsBoundaryARN, !Ref InstanceRolePermissionsBoundaryARN, "" ] + ManagedPolicyARNs: !Join [ ',', !Ref ScalerManagedPolicyARNs ] AgentEndpoint: !Ref AgentEndpoint BuildkiteQueue: !Ref BuildkiteQueue AgentsPerInstance: !Ref AgentsPerInstance @@ -2895,6 +2902,7 @@ Resources: BuildkiteAgentTokenParameter: !If [ UseCustomerManagedParameterPath, !Ref BuildkiteAgentTokenParameterStorePath, !Ref BuildkiteAgentTokenParameter ] BuildkiteAgentTokenParameterStoreKMSKey: !If [ UseCustomerManagedKeyForParameterStore, !Ref BuildkiteAgentTokenParameterStoreKMSKey, "" ] RolePermissionsBoundaryARN: !If [ SetInstanceRolePermissionsBoundaryARN, !Ref InstanceRolePermissionsBoundaryARN, "" ] + ManagedPolicyARNs: !Join [ ',', !Ref ScalerManagedPolicyARNs ] AgentEndpoint: !Ref AgentEndpoint BuildkiteQueue: !Ref BuildkiteQueue AgentsPerInstance: !Ref AgentsPerInstance