-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
4.21.0
-
None
-
Quality / Stability / Reliability
-
False
-
-
None
-
Critical
-
Yes
-
None
-
Proposed
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
Installing into GCP Shared VPC with "credentialsMode: Passthrough" and using minimal permissions failed, because "failed to create bootstrap firewall rules: failed to find firewall permission compute.firewalls.create", while "skipping firewall rule creation" is expected in this case.
Version-Release number of selected component (if applicable):
4.21.0-0.nightly-multi-2025-10-08-162245
How reproducible:
Always
Steps to Reproduce:
1. "create install-config", then edit install-config.yaml to insert interested settings (see [1])
2. activate the GCP IAM service account which has minimal required permissions
3. "create cluster" (see [2])
Actual results:
ERROR failed to fetch Cluster: failed to generate asset "Cluster": failed to create cluster: failed provisioning resources after infrastructure ready: failed to add bootstrap firewall rule: failed to create bootstrap firewall rules: failed to find firewall permission compute.firewalls.create
Expected results:
The installation should succeed, along with telling "failed to find permission compute.firewalls.create, skipping firewall rule creation".
Additional info:
- relates to
-
CORS-4231 Relax the firewall create/delete permissions for non-XPN OpenShift on Google Cloud
-
- New
-