Why are all the EC2 Host Permissions needed in an AWS Cluster even when it is configured by Cloudformation template?
Issue
- Why are the below permissions needed in a
RHOCP Cluster
deployed onAWS
using 'Cloudformation` template.
ec2:DescribeSubnets
ec2:CreateSecurityGroup
ec2:DescribeSecurityGroups
ec2:DeleteSecurityGroup
ec2:DescribeRouteTables
ec2:DescribeVolume*
ec2:CreateVolume
ec2:AttachVolume
ec2:DetachVolume
ec2:DeleteVolume
ec2:CreateVolume
ec2:AttachVolume
- What is necessity of these permissions when
Cloudformation template
is created beforehand ?
Environment
- Red Hat OpenShift Container Platform
- 3.x on AWS
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.