Skip to content

Commit

Permalink
update permissions list to cover new installer functionality
Browse files Browse the repository at this point in the history 
recent changes to the installer for AWS now require these permissions to perform an install/uninstall.

ec2:GetEbsDefaultKmsKeyId
s3:GetBucketAcl
s3:ListBucketVersions
  • Loading branch information
Joel Diaz committed Apr 13, 2020
1 parent 03e7c9c commit 7b4020d
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions pkg/asset/installconfig/aws/permissions.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,7 @@ var permissions = map[PermissionGroup][]string{
"ec2:DescribeVpcClassicLinkDnsSupport",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeVpcs",
"ec2:GetEbsDefaultKmsKeyId",
"ec2:ModifyInstanceAttribute",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:ReleaseAddress",
Expand Down Expand Up @@ -140,6 +141,7 @@ var permissions = map[PermissionGroup][]string{
"s3:CreateBucket",
"s3:DeleteBucket",
"s3:GetAccelerateConfiguration",
"s3:GetBucketAcl",
"s3:GetBucketCors",
"s3:GetBucketLocation",
"s3:GetBucketLogging",
Expand Down Expand Up @@ -180,6 +182,7 @@ var permissions = map[PermissionGroup][]string{
"iam:ListRolePolicies",
"iam:ListUserPolicies",
"s3:DeleteObject",
"s3:ListBucketVersions",
"tag:GetResources",
},
// Permissions required for creating network resources
Expand Down

0 comments on commit 7b4020d

Please sign in to comment.