-
Notifications
You must be signed in to change notification settings - Fork 1.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
do a pre-flight check of permissions using cloud-credentials-operator validation to do a check on the creds being used for installation the initial list of permissions that gathers the AWS actions needed to perform an installation are taken verbatim from the IAM group permissions the hive team has been using to perform installation/uninstallation with (there absolutely could be some excess actions that used to be needed, but may no longer be needed) note that the permissions checks are done with the assumption of IAM policies consisting of 'Resource: "*"'. so a list of ["ec2:CreateRoute", "ec2:CreateSubnet"] is evaluated as whether we can peform ``` { "Statement": [ { "Action": [ "ec2:CreateRoute", "ec2:CreateSubnet" ], "Effect": "Allow", "Resource": "*" } ] } ```
- Loading branch information
Joel Diaz
committed
Jan 31, 2019
1 parent
749d9e5
commit 85eb699
Showing
27 changed files
with
4,451 additions
and
7 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.