Enable IAM roles for EC2s in AWS #10224
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
openshift-ci-robot
added
the
size/M
PrerequisitesProvision_install (masters)Provision_install (compute)Provision_install (infra) |
michaelgugino
suggested changes
Sep 25, 2018
| iam_role: "{{ openshift_aws_iam_master_role_name | default(openshift_aws_iam_role_name) }}" | ||
| policy_name: "{{ openshift_aws_iam_master_role_policy_name | default(openshift_aws_iam_role_policy_name) }}" | ||
| policy_json: "{{ openshift_aws_iam_master_role_policy_json | default(openshift_aws_iam_role_policy_json) }}" | ||
| iam_role: "{{ openshift_aws_launch_config_iam_roles['master'].name | default(openshift_aws_iam_role_name) }}" |
There was a problem hiding this comment.
Remove default from these.
| @@ -333,6 +327,20 @@ openshift_aws_launch_config_security_groups: | |||
| - "{{ openshift_aws_clusterid }}_infra" # node type sg | |||
| - "{{ openshift_aws_clusterid }}_infra_k8s" # node type sg k8s | |||
|
|
|||
| openshift_aws_launch_config_iam_roles: | |||
| master: | |||
| name: "{{ openshift_aws_clusterid }}-iam_master" | |||
There was a problem hiding this comment.
name: "{{ openshift_aws_iam_master_role_name | default(openshift_aws_clusterid ~ '-iam_master') }}"
Do this for the others as well.
mazzystr
force-pushed
the
use_iam_roles
branch
from
71422d2
to
646d0da
Compare
mazzystr
force-pushed
the
use_iam_roles
branch
from
eacec89
to
13732b1
Compare
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mazzystr, michaelgugino The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/cherrypick release-3.11 |
1 similar comment
|
/cherrypick release-3.11 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Enable IAM roles for EC2s in AWS. Iam roles are now created during prerequisites play. Build_node_group moved away iam role creation to iam role query. Ec2 and Auto Scale Group instance_profile keys updated to suit.
openshift_aws_create_iam_role: Trueopenshift_aws_master_instance_config,openshift_aws_node_group_config,openshift_aws_launch_config_iam_rolesas needed.Resolves Bugzilla 1630319 and 1632843