  1. OpenShift Bugs
  2. OCPBUGS-11865

AWS s3 policy changes block all OCP installs on AWS

Details

    • Bug
    • Resolution: Duplicate
    • Critical
    • None
    • 4.12.z, 4.11.z
    • None
    • Critical
    • No
    • Proposed
    • False

    Description

      Description of problem:

      OpenShift (4.12.12) installation is failing due to the AWS S3 ACL policy.
      As the issue in https://issues.redhat.com/browse/OCPBUGS-11662 is mentioned as resolved, we are trying to install OpenShift 4.12.12, but the installation failure still persists. Please refer to the following output:
      
      
      ccoctl aws create-all --name os-aws-s3-fix-d02 --region us-east-2 --credentials-requests-dir ./credreqs --output-dir _output
      2023/04/17 07:33:30 Generating RSA keypair
      2023/04/17 07:33:32 Writing private key to _output/serviceaccount-signer.private
      2023/04/17 07:33:32 Writing public key to _output/serviceaccount-signer.public
      2023/04/17 07:33:32 Copying signing key for use by installer
      2023/04/17 07:33:32 Bucket os-aws-s3-fix-d02-oidc created
      2023/04/17 07:33:33 Failed to create Identity provider: failed to upload discovery document in the S3 bucket os-aws-s3-fix-d02-oidc: AccessControlListNotSupported: The bucket does not allow ACLs
          status code: 400, request id: MSNBYH65XANQFTTC, host id: swW4xKyWPGi6BsG+m34eYdhFbSw31LK7taLbl+GbNl5J9rr9bGuI0fUEYTsY1hRmi9HlzPn43Khu+wrvKuVb6Q==

       

      Version-Release number of selected component (if applicable):

      4.12.12

      How reproducible:

      Always

      Steps to Reproduce:

      1. We are following the steps given in the following link 
      
      https://docs.openshift.com/container-platform/4.12/authentication/managing_cloud_provider_credentials/cco-mode-sts.html 

      Actual results:

      install failed

      Expected results:

      install should succeed

      Additional info:

      Heads-Up: Amazon S3 Security Changes Are Coming in April of 2023 - https://aws.amazon.com/blogs/aws/heads-up-amazon-s3-security-changes-are-coming-in-april-of-2023/
      
      https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-ownership-error-responses.html - After you apply the bucket owner enforced setting for Object Ownership, ACLs are disabled.
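A triage helper for the failure reported above, as an added example that is not part of the original report or of ccoctl: it folds the SDK's indented "status code" line into its log entry and extracts the bucket, S3 error code, status and request id. The sample is abridged from the report's output (host id omitted); the function names and the hint table are hypothetical.

```python
import re

# Abridged from the ccoctl output in the report above (host id omitted).
SAMPLE_LOG = """\
2023/04/17 07:33:32 Copying signing key for use by installer
2023/04/17 07:33:32 Bucket os-aws-s3-fix-d02-oidc created
2023/04/17 07:33:33 Failed to create Identity provider: failed to upload discovery document in the S3 bucket os-aws-s3-fix-d02-oidc: AccessControlListNotSupported: The bucket does not allow ACLs
    status code: 400, request id: MSNBYH65XANQFTTC
"""

ENTRY = re.compile(r"^(\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) (.*)$")
S3_ERROR = re.compile(r"S3 bucket (?P<bucket>[a-z0-9.-]+): (?P<code>[A-Za-z]+): "
                      r"(?P<detail>.+?)(?= status code:|$)")
STATUS = re.compile(r"status code: (?P<status>\d{3}), request id: (?P<request_id>\w+)")

# Hypothetical hint table; the entry restates the AWS page linked in the report.
HINTS = {
    "AccessControlListNotSupported":
        "Bucket uses the bucket owner enforced Object Ownership setting, so "
        "ACLs are disabled and an upload that sets an ACL is rejected.",
}

def parse_entries(text):
    """Group the log into (timestamp, message) pairs, folding indented
    continuation lines into the entry they belong to."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            entries.append([m.group(1), m.group(2)])
        elif line.strip() and entries:
            entries[-1][1] += " " + line.strip()
    return [tuple(e) for e in entries]

def find_s3_failures(text):
    """Return one dict per log entry that reports an S3 API error."""
    failures = []
    for timestamp, message in parse_entries(text):
        err = S3_ERROR.search(message)
        if not err:
            continue
        status = STATUS.search(message)
        record = {"time": timestamp, **err.groupdict()}
        record.update(status.groupdict() if status
                      else {"status": None, "request_id": None})
        record["hint"] = HINTS.get(record["code"], "unrecognised S3 error code")
        failures.append(record)
    return failures
```

The request id it extracts is the value AWS support asks for when tracing a rejected call.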


            People

              Unassigned Unassigned
              rishitkumar.barochia@ibm.com Rishit Barochia (Inactive)