terraform-aws-iam fix: Update the policies for Karpenter controller IAM role

fix: Update the policies for Karpenter controller IAM role

Open triceras opened this issue 3 years ago • 0 comments

Updated Karpenter Controller IAM policy.

Description

Added missing actions to the Karpenter controller IAM policy

Motivation and Context

If you are using the Karpenter terraform IRSA module you will get a lot of permission issues like the one below:

2022-08-30T19:58:50.621Z	ERROR	controller.provisioning	Provisioning failed, launching node, creating cloud provider instance, getting launch template configs, getting launch templates, describing images [{
  Name: "image-id",
  Values: ["ami-0ab0c02538ad82487"]
}], UnauthorizedOperation: You are not authorized to perform this operation.
	status code: 403, request id: c83c94ec-972d-4d1a-9c2e-7ecaa64c1771	{"commit": "639756a"}

Breaking Changes

How Has This Been Tested?

Those IAM policy changes were tested manually on the AWS console.

[ ] I have updated at least one of the examples/* to demonstrate and validate my change(s)
[ ] I have tested and validated these changes using one or more of the provided examples/* projects

[ ] I have executed pre-commit run -a on my pull request

Aug 31 '22 16:08 triceras

terraform-aws-iam terraform-aws-iam copied to clipboard

fix: Update the policies for Karpenter controller IAM role

Description

Motivation and Context

Breaking Changes

How Has This Been Tested?

terraform-aws-iam
terraform-aws-iam copied to clipboard