Permissions Required to Use CloudPilot AI
CloudPilot AI uses a two-phase installation to minimize security risk. Phase 1 requires read-only access to Kubernetes cluster resources. Phase 2 (optional) enables cluster optimization and requires additional Kubernetes RBAC and cloud provider permissions.
CloudPilot AI follows the principle of least privilege. You only need to grant CloudPilot AI the minimal permissions required to perform its operations — no more.
Phase 1: Read-Only Permissions
During the first agent installation phase, CloudPilot AI deploys an agent that collects metadata about your Kubernetes cluster. This requires read-only access to core Kubernetes APIs across namespaces.
A ClusterRole
and Role
will be created with the following minimal permissions:
ClusterRole/Role Used in Phase 1
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cloudpilot-agent-cluster-role
rules:
- apiGroups:
- "storage.k8s.io"
resources:
- "csinodes"
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- "nodes"
- "pods"
- "persistentvolumeclaims"
- "persistentvolumes"
verbs:
- get
- list
- watch
- apiGroups:
- "apps"
resources:
- "deployments"
- "daemonsets"
- "statefulsets"
- "replicasets"
verbs:
- get
- list
- watch
- apiGroups:
- "policy"
resources:
- "poddisruptionbudgets"
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: cloudpilot-agent-role
namespace: cloudpilot
rules:
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "list", "create", "update", "patch", "watch"]
This allows discovery and reporting of node configurations and workload configurations to calculate the optimization plan.
Phase 2: Additional Permissions for Cluster Optimization
If you proceed to Phase 2, CloudPilot AI will deploy components that actively optimize your cluster. This includes managing Kubernetes workloads and interacting with your cloud provider’s infrastructure APIs (e.g., EC2, Auto Scaling Groups).
Kubernetes RBAC Permissions
To manage Kubernetes resources, CloudPilot AI requires ClusterRole
and Role
definitions with the following permissions:
ClusterRole/Role Used in Phase 2 for AWS
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: cloudpilot-aws-optimizer
namespace: cloudpilot
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- apiGroups:
- ""
resources:
- configmaps
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- ""
resourceNames:
- cloudpilot-aws-optimizer-cert
- cloudpilot-webhook
resources:
- secrets
verbs:
- update
- apiGroups:
- coordination.k8s.io
resourceNames:
- karpenter-leader-election
- cloudpilot-controller
- cloudpilot-workload-log-collector
resources:
- leases
verbs:
- patch
- update
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
annotations:
meta.helm.sh/release-name: cloudpilot
meta.helm.sh/release-namespace: cloudpilot
name: cloudpilot-aws-optimizer
rules:
- apiGroups:
- karpenter.k8s.aws
resources:
- ec2nodeclasses
verbs:
- get
- list
- watch
- apiGroups:
- karpenter.k8s.aws
resources:
- ec2nodeclasses
- ec2nodeclasses/status
verbs:
- patch
- update
- apiGroups:
- admissionregistration.k8s.io
resourceNames:
- validation.webhook.karpenter.k8s.aws
resources:
- validatingwebhookconfigurations
verbs:
- update
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
verbs:
- get
- update
- list
- watch
- apiGroups:
- certificates.k8s.io
resources:
- '*'
verbs:
- get
- create
- update
- patch
- delete
- approve
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cloudpilot-aws-optimizer-admin
rules:
- apiGroups:
- karpenter.sh
resources:
- nodepools
- nodepools/status
- nodeclaims
- nodeclaims/status
verbs:
- get
- list
- watch
- create
- delete
- patch
- apiGroups:
- karpenter.k8s.aws
resources:
- ec2nodeclasses
verbs:
- get
- list
- watch
- create
- delete
- patch
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cloudpilot-aws-optimizer-core
rules:
- apiGroups:
- karpenter.sh
resources:
- nodepools
- nodepools/status
- nodeclaims
- nodeclaims/status
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- pods
- pods/log
- nodes
- persistentvolumes
- persistentvolumeclaims
- replicationcontrollers
- namespaces
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
- csinodes
- volumeattachments
verbs:
- get
- watch
- list
- apiGroups:
- apps
resources:
- daemonsets
- deployments
- replicasets
- statefulsets
verbs:
- list
- watch
- get
- update
- patch
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- get
- watch
- list
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- get
- list
- watch
- apiGroups:
- karpenter.sh
resources:
- nodeclaims
- nodeclaims/status
verbs:
- create
- delete
- update
- patch
- apiGroups:
- karpenter.sh
resources:
- nodepools
- nodepools/status
verbs:
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- patch
- delete
- update
- apiGroups:
- ""
resources:
- pods/eviction
verbs:
- create
- apiGroups:
- ""
resources:
- pods
verbs:
- delete
- apiGroups:
- apiextensions.k8s.io
resourceNames:
- ec2nodeclasses.karpenter.k8s.aws
- nodepools.karpenter.sh
- nodeclaims.karpenter.sh
resources:
- customresourcedefinitions/status
verbs:
- patch
- apiGroups:
- apiextensions.k8s.io
resourceNames:
- ec2nodeclasses.karpenter.k8s.aws
- nodepools.karpenter.sh
- nodeclaims.karpenter.sh
resources:
- customresourcedefinitions
verbs:
- update
These permissions is needed to ensure the stability of the system while doing operations like scaling, provisioning, and termination.
Cloud Provider Permissions
AWS IAM Permissions
In Phase 2, CloudPilot AI requires an IAM role with the following permissions:
AWS IAM Role Used in Phase 2
{
"Statement": [
{
"Effect": "Allow",
"Action": [
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:DescribeLaunchConfigurations",
"autoscaling:DescribeScalingActivities",
"autoscaling:DescribeTags",
"ec2:DescribeImages",
"ec2:DescribeInstanceTypes",
"ec2:DescribeLaunchTemplateVersions",
"ec2:GetInstanceTypesFromInstanceRequirements",
"eks:DescribeNodegroup"
],
"Resource": ["*"]
},
{
"Effect": "Allow",
"Action": [
"autoscaling:SetDesiredCapacity",
"autoscaling:TerminateInstanceInAutoScalingGroup",
"autoscaling:UpdateAutoScalingGroup"
],
"Resource": ["*"]
},
{
"Action": [
"ssm:GetParameter",
"ec2:DescribeImages",
"ec2:RunInstances",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeLaunchTemplates",
"ec2:DescribeInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstanceTypeOfferings",
"ec2:DescribeAvailabilityZones",
"ec2:DeleteLaunchTemplate",
"ec2:CreateTags",
"ec2:CreateLaunchTemplate",
"ec2:CreateFleet",
"ec2:DescribeSpotPriceHistory",
"pricing:GetProducts",
"savingsplans:DescribeSavingsPlans",
"ec2:DescribeRegions"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "CloudPilot"
},
{
"Action": "ec2:TerminateInstances",
"Condition": {
"StringLike": {
"ec2:ResourceTag/karpenter.sh/nodepool": "*"
}
},
"Effect": "Allow",
"Resource": "*",
"Sid": "ConditionalEC2Termination"
},
{
"Effect": "Allow",
"Action": "iam:PassRole",
"Resource": "arn:${AWS_PARTITION}:iam::${AWS_ACCOUNT_ID}:role/CloudPilotNodeRole-${CLUSTER_NAME}",
"Sid": "PassNodeIAMRole"
},
{
"Effect": "Allow",
"Action": "eks:DescribeCluster",
"Resource": "arn:${AWS_PARTITION}:eks:${AWS_REGION}:${AWS_ACCOUNT_ID}:cluster/${CLUSTER_NAME}",
"Sid": "EKSClusterEndpointLookup"
},
{
"Sid": "AllowScopedInstanceProfileCreationActions",
"Effect": "Allow",
"Resource": "*",
"Action": [
"iam:CreateInstanceProfile"
],
"Condition": {
"StringEquals": {
"aws:RequestTag/kubernetes.io/cluster/${CLUSTER_NAME}": "owned",
"aws:RequestTag/topology.kubernetes.io/region": "${AWS_REGION}"
},
"StringLike": {
"aws:RequestTag/karpenter.k8s.aws/ec2nodeclass": "*"
}
}
},
{
"Sid": "AllowScopedInstanceProfileTagActions",
"Effect": "Allow",
"Resource": "*",
"Action": [
"iam:TagInstanceProfile"
],
"Condition": {
"StringEquals": {
"aws:ResourceTag/kubernetes.io/cluster/${CLUSTER_NAME}": "owned",
"aws:ResourceTag/topology.kubernetes.io/region": "${AWS_REGION}",
"aws:RequestTag/kubernetes.io/cluster/${CLUSTER_NAME}": "owned",
"aws:RequestTag/topology.kubernetes.io/region": "${AWS_REGION}"
},
"StringLike": {
"aws:ResourceTag/karpenter.k8s.aws/ec2nodeclass": "*",
"aws:RequestTag/karpenter.k8s.aws/ec2nodeclass": "*"
}
}
},
{
"Sid": "AllowScopedInstanceProfileActions",
"Effect": "Allow",
"Resource": "*",
"Action": [
"iam:AddRoleToInstanceProfile",
"iam:RemoveRoleFromInstanceProfile",
"iam:DeleteInstanceProfile"
],
"Condition": {
"StringEquals": {
"aws:ResourceTag/kubernetes.io/cluster/${CLUSTER_NAME}": "owned",
"aws:ResourceTag/topology.kubernetes.io/region": "${AWS_REGION}"
},
"StringLike": {
"aws:ResourceTag/karpenter.k8s.aws/ec2nodeclass": "*"
}
}
},
{
"Sid": "AllowInstanceProfileReadActions",
"Effect": "Allow",
"Resource": "*",
"Action": "iam:GetInstanceProfile"
}
],
"Version": "2012-10-17"
}
These permissions include access to EC2 and Auto Scaling Group APIs, used to manage compute capacity dynamically.
AlibabaCloud RAM Permissions
For AlibabaCloud, the required RAM policy is as follows:
AlibabaCloud RAM Permissions
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"vpc:DescribeVSwitches",
"ecs:CreateAutoProvisioningGroup",
"ecs:DescribeSecurityGroups",
"ecs:DescribeAvailableResource",
"ecs:DescribeInstances",
"ecs:DescribeImages",
"cs:DescribeClusterDetail",
"cs:DescribeKubernetesVersionMetadata",
"cs:DescribeClusterAttachScripts",
"cs:DescribeClusterNodePools",
"ess:DescribeScalingGroups",
"ecs:AddTags",
"ram:CreateServiceLinkedRole"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "ecs:DeleteInstance",
"Resource": "*",
"Condition": {
"StringEquals": {
"acs:ResourceTag\/cloudpilot.ai\/managed": "true"
}
}
},
{
"Effect": "Allow",
"Action": "ess:DetachInstances",
"Resource": "*",
"Condition": {
"StringEquals": {
"acs:ResourceTag\/ack.aliyun.com": "${INTERNAL_CLUSTER_ID}"
}
}
}
]
}
These permissions allow CloudPilot AI to interact with ECS and ScalingGroup APIs for node lifecycle management.
All cloud provider permissions align closely with those used by Karpenter, with the addition of access to scaling group APIs (AWS/AutoScalingGroup
, AlibabaCloud/ScalingGroup
) to enable existing node optimization.
Commitment to Privacy and Security
CloudPilot AI adheres strictly to data protection best practices. We access only the data necessary for operation and optimization, and we never request or retain unnecessary privileges.
By design, we reduce attack surfaces through scoped permissions and continuous review of access requirements. This ensures secure, compliant, and efficient operation within your environment.
For further assistance, feel free to reach out to us through our Slack channel .