Astronomer is implementing policy changes that involve updating both the cross-account role policy and the operational boundary for service roles to accommodate a new Karpenter-based node autoscaling controller. These updates are necessary for Astronomer to manage and create resources essential for the controller, such as SQS queues and EventBridge rule resources, and to perform maintenance tasks. The policy adjustments include expanding permissions to enhance Data Plane cluster management, allowing the automation and support team to better address Istio ingress and RDS performance issues. Consequently, new permissions are being added to the cross-account role to support these functionalities, enhancing the reliability and support of the system.