Technology: aws-cluster-autoscaler
| ID | Title | Description | Category | Technology | Tags |
|---|---|---|---|---|---|
| prequel-2025-0079 Medium Impact: 3/10 Mitigation: 3/10 | AWS Cluster Autoscaler Access Denied | **Cluster Autoscaler** tries to fetch node-group metadata to decide whether it can scale a workload-affinityed pod. The call to the EKS control plane fails with ``` Failed to get labels from EKS DescribeNodegroup API for nodegroup <name> … AccessDeniedException: User <ARN> is not authorized to perform: eks:DescribeNodegroup on resource: arn:aws:eks:<region>:<acct>:nodegroup/… ``` Once the error is hit the Autoscaler marks the node-group **Not-Ready for scaling actions**, so pending pods remain unscheduled and scale-down decisions are skipped. | AWS Problems | aws-cluster-autoscaler | AWSAutoscaling |