Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-38162

Error logs for missing CreateTags permissions when fallback works

XMLWordPrintable

    • None
    • Hypershift Sprint 258
    • 1
    • False
    • Hide

      None

      Show
      None

      Description of problem:

          control-plane-operator logs shows errors due to missing CreateTags permissions. These permissions are not necessary for ROSA, thus the errors are a red herring for investigations into cluster issues.

      Version-Release number of selected component (if applicable):

          4.17.z 4.16.z 4.15.z 4.14.z

      How reproducible:

          100%

      Steps to Reproduce:

          1. Create a ROSA HCP cluster 
    2. Inspect CAPA logs

      Actual results:

       
      CAPA error log for createTags:
arn:aws:sts::123:assumed-role/test-kube-system-capa-controller-manager/1234 is not authorized to perform: ec2:CreateTags on resource: arn:aws:ec2:ap-southeast-1:123:network-interface/eni-id

      Expected results:

         No error log as the fallback works.

      Additional info:

              pstefans@redhat.com Patryk Stefanski
              cbusse.openshift Claudio Busse
              Jie Zhao Jie Zhao
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: