-
Bug
-
Resolution: Won't Do
-
Undefined
-
None
-
4.14.z
This is a clone of issue OCPBUGS-35044. The following is the description of the original issue:
—
This is a clone of issue OCPBUGS-33662. The following is the description of the original issue:
—
Description of problem:
We should not require the s3:DeleteObject permission for installs when the `preserveBootstrapIgnition` option is set in the install-config.
Version-Release number of selected component (if applicable):
4.14+
How reproducible:
always
Steps to Reproduce:
1. Use an account without the permission 2. Set `preserveBootstrapIgnition: true` in the install-config.yaml 3. Try to deploy a cluster
Actual results:
INFO Credentials loaded from the "denys3" profile in file "/home/cloud-user/.aws/credentials" INFO Consuming Install Config from target directory WARNING Action not allowed with tested creds action=s3:DeleteBucket WARNING Action not allowed with tested creds action=s3:DeleteObject WARNING Action not allowed with tested creds action=s3:DeleteObject WARNING Tested creds not able to perform all requested actions FATAL failed to fetch Cluster: failed to fetch dependency of "Cluster": failed to generate asset "Platform Permissions Check": validate AWS credentials: current credentials insufficient for performing cluster installation
Expected results:
No permission errors.
Additional info:
- clones
-
OCPBUGS-35044 aws: do not require s3:Delete* perms if `preserveBootstrapIgnition` is set
- Closed
- is blocked by
-
OCPBUGS-35044 aws: do not require s3:Delete* perms if `preserveBootstrapIgnition` is set
- Closed