diff --git a/pkg/model/iam/iam_builder.go b/pkg/model/iam/iam_builder.go index 42d94f9d59..82bdd63e28 100644 --- a/pkg/model/iam/iam_builder.go +++ b/pkg/model/iam/iam_builder.go @@ -999,7 +999,10 @@ func AddClusterAutoscalerPermissions(p *Policy, useStaticInstanceList bool) { "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeScalingActivities", + "ec2:DescribeImages", + "ec2:DescribeInstanceTypes", "ec2:DescribeLaunchTemplateVersions", + "ec2:GetInstanceTypesFromInstanceRequirements", ) if !useStaticInstanceList { p.unconditionalAction.Insert( diff --git a/pkg/model/iam/tests/iam_builder_master_gossip.json b/pkg/model/iam/tests/iam_builder_master_gossip.json index 4e41e8bb21..fcf324e197 100644 --- a/pkg/model/iam/tests/iam_builder_master_gossip.json +++ b/pkg/model/iam/tests/iam_builder_master_gossip.json @@ -110,6 +110,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -121,6 +122,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/pkg/model/iam/tests/iam_builder_master_gossip_ecr.json b/pkg/model/iam/tests/iam_builder_master_gossip_ecr.json index a5885f4f7e..a3e61a454d 100644 --- a/pkg/model/iam/tests/iam_builder_master_gossip_ecr.json +++ b/pkg/model/iam/tests/iam_builder_master_gossip_ecr.json @@ -110,6 +110,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -121,6 +122,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:DescribeRepositories", diff --git a/pkg/model/iam/tests/iam_builder_master_strict.json b/pkg/model/iam/tests/iam_builder_master_strict.json index 534be978e7..8c05515578 100644 --- a/pkg/model/iam/tests/iam_builder_master_strict.json +++ b/pkg/model/iam/tests/iam_builder_master_strict.json @@ -110,6 +110,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -121,6 +122,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/pkg/model/iam/tests/iam_builder_master_strict_ecr.json b/pkg/model/iam/tests/iam_builder_master_strict_ecr.json index f691eaaec5..056f2145a7 100644 --- a/pkg/model/iam/tests/iam_builder_master_strict_ecr.json +++ b/pkg/model/iam/tests/iam_builder_master_strict_ecr.json @@ -110,6 +110,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -121,6 +122,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:DescribeRepositories", diff --git a/tests/integration/update_cluster/additionalobjects/data/aws_iam_role_policy_masters.additionalobjects.example.com_policy b/tests/integration/update_cluster/additionalobjects/data/aws_iam_role_policy_masters.additionalobjects.example.com_policy index e7249f6d18..4c895d86fe 100644 --- a/tests/integration/update_cluster/additionalobjects/data/aws_iam_role_policy_masters.additionalobjects.example.com_policy +++ b/tests/integration/update_cluster/additionalobjects/data/aws_iam_role_policy_masters.additionalobjects.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:DescribeRepositories", diff --git a/tests/integration/update_cluster/apiservernodes/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/apiservernodes/data/aws_iam_role_policy_masters.minimal.example.com_policy index 07a34e5a38..76b397382b 100644 --- a/tests/integration/update_cluster/apiservernodes/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/apiservernodes/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/bastionadditional_user-data/data/aws_iam_role_policy_masters.bastionuserdata.example.com_policy b/tests/integration/update_cluster/bastionadditional_user-data/data/aws_iam_role_policy_masters.bastionuserdata.example.com_policy index 6434e579f5..5d581ad7e6 100644 --- a/tests/integration/update_cluster/bastionadditional_user-data/data/aws_iam_role_policy_masters.bastionuserdata.example.com_policy +++ b/tests/integration/update_cluster/bastionadditional_user-data/data/aws_iam_role_policy_masters.bastionuserdata.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/cluster-autoscaler-priority-expander-custom/data/aws_iam_role_policy_masters.cas-priority-expander-custom.example.com_policy b/tests/integration/update_cluster/cluster-autoscaler-priority-expander-custom/data/aws_iam_role_policy_masters.cas-priority-expander-custom.example.com_policy index 8f5de254af..3241408040 100644 --- a/tests/integration/update_cluster/cluster-autoscaler-priority-expander-custom/data/aws_iam_role_policy_masters.cas-priority-expander-custom.example.com_policy +++ b/tests/integration/update_cluster/cluster-autoscaler-priority-expander-custom/data/aws_iam_role_policy_masters.cas-priority-expander-custom.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/cluster-autoscaler-priority-expander/data/aws_iam_role_policy_masters.cas-priority-expander.example.com_policy b/tests/integration/update_cluster/cluster-autoscaler-priority-expander/data/aws_iam_role_policy_masters.cas-priority-expander.example.com_policy index 90f57ee28b..65d92a7769 100644 --- a/tests/integration/update_cluster/cluster-autoscaler-priority-expander/data/aws_iam_role_policy_masters.cas-priority-expander.example.com_policy +++ b/tests/integration/update_cluster/cluster-autoscaler-priority-expander/data/aws_iam_role_policy_masters.cas-priority-expander.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/complex/data/aws_iam_role_policy_masters.complex.example.com_policy b/tests/integration/update_cluster/complex/data/aws_iam_role_policy_masters.complex.example.com_policy index a5eefef3ad..f5761268a6 100644 --- a/tests/integration/update_cluster/complex/data/aws_iam_role_policy_masters.complex.example.com_policy +++ b/tests/integration/update_cluster/complex/data/aws_iam_role_policy_masters.complex.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/compress/data/aws_iam_role_policy_masters.compress.example.com_policy b/tests/integration/update_cluster/compress/data/aws_iam_role_policy_masters.compress.example.com_policy index 04bfd773b5..db6d05921c 100644 --- a/tests/integration/update_cluster/compress/data/aws_iam_role_policy_masters.compress.example.com_policy +++ b/tests/integration/update_cluster/compress/data/aws_iam_role_policy_masters.compress.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/containerd-custom/data/aws_iam_role_policy_masters.containerd.example.com_policy b/tests/integration/update_cluster/containerd-custom/data/aws_iam_role_policy_masters.containerd.example.com_policy index aabc62a021..d4c80695f3 100644 --- a/tests/integration/update_cluster/containerd-custom/data/aws_iam_role_policy_masters.containerd.example.com_policy +++ b/tests/integration/update_cluster/containerd-custom/data/aws_iam_role_policy_masters.containerd.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/containerd/data/aws_iam_role_policy_masters.containerd.example.com_policy b/tests/integration/update_cluster/containerd/data/aws_iam_role_policy_masters.containerd.example.com_policy index aabc62a021..d4c80695f3 100644 --- a/tests/integration/update_cluster/containerd/data/aws_iam_role_policy_masters.containerd.example.com_policy +++ b/tests/integration/update_cluster/containerd/data/aws_iam_role_policy_masters.containerd.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/digit/data/aws_iam_role_policy_masters.123.example.com_policy b/tests/integration/update_cluster/digit/data/aws_iam_role_policy_masters.123.example.com_policy index 158edc2e4a..e9e120564c 100644 --- a/tests/integration/update_cluster/digit/data/aws_iam_role_policy_masters.123.example.com_policy +++ b/tests/integration/update_cluster/digit/data/aws_iam_role_policy_masters.123.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/existing_sg/data/aws_iam_role_policy_masters.existingsg.example.com_policy b/tests/integration/update_cluster/existing_sg/data/aws_iam_role_policy_masters.existingsg.example.com_policy index 72b7ec3b7e..7fe6e44bb1 100644 --- a/tests/integration/update_cluster/existing_sg/data/aws_iam_role_policy_masters.existingsg.example.com_policy +++ b/tests/integration/update_cluster/existing_sg/data/aws_iam_role_policy_masters.existingsg.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/external_dns/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/external_dns/data/aws_iam_role_policy_masters.minimal.example.com_policy index 07a34e5a38..76b397382b 100644 --- a/tests/integration/update_cluster/external_dns/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/external_dns/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/externallb/data/aws_iam_role_policy_masters.externallb.example.com_policy b/tests/integration/update_cluster/externallb/data/aws_iam_role_policy_masters.externallb.example.com_policy index 167c25c515..1b0a2000ae 100644 --- a/tests/integration/update_cluster/externallb/data/aws_iam_role_policy_masters.externallb.example.com_policy +++ b/tests/integration/update_cluster/externallb/data/aws_iam_role_policy_masters.externallb.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/externalpolicies/data/aws_iam_role_policy_masters.externalpolicies.example.com_policy b/tests/integration/update_cluster/externalpolicies/data/aws_iam_role_policy_masters.externalpolicies.example.com_policy index 16935083f6..3ab532f4e7 100644 --- a/tests/integration/update_cluster/externalpolicies/data/aws_iam_role_policy_masters.externalpolicies.example.com_policy +++ b/tests/integration/update_cluster/externalpolicies/data/aws_iam_role_policy_masters.externalpolicies.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/ha/data/aws_iam_role_policy_masters.ha.example.com_policy b/tests/integration/update_cluster/ha/data/aws_iam_role_policy_masters.ha.example.com_policy index 91b55819bd..e40be16776 100644 --- a/tests/integration/update_cluster/ha/data/aws_iam_role_policy_masters.ha.example.com_policy +++ b/tests/integration/update_cluster/ha/data/aws_iam_role_policy_masters.ha.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/irsa/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/irsa/data/aws_iam_role_policy_masters.minimal.example.com_policy index 07a34e5a38..76b397382b 100644 --- a/tests/integration/update_cluster/irsa/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/irsa/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_iam_role_policy_cluster-autoscaler.kube-system.sa.minimal.example.com_policy b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_iam_role_policy_cluster-autoscaler.kube-system.sa.minimal.example.com_policy index 5799e66dca..89ba38c735 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_iam_role_policy_cluster-autoscaler.kube-system.sa.minimal.example.com_policy +++ b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_iam_role_policy_cluster-autoscaler.kube-system.sa.minimal.example.com_policy @@ -6,8 +6,10 @@ "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeScalingActivities", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", - "ec2:DescribeLaunchTemplateVersions" + "ec2:DescribeLaunchTemplateVersions", + "ec2:GetInstanceTypesFromInstanceRequirements" ], "Effect": "Allow", "Resource": "*" diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_iam_role_policy_cluster-autoscaler.kube-system.sa.minimal.example.com_policy b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_iam_role_policy_cluster-autoscaler.kube-system.sa.minimal.example.com_policy index 5799e66dca..89ba38c735 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_iam_role_policy_cluster-autoscaler.kube-system.sa.minimal.example.com_policy +++ b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_iam_role_policy_cluster-autoscaler.kube-system.sa.minimal.example.com_policy @@ -6,8 +6,10 @@ "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeScalingActivities", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", - "ec2:DescribeLaunchTemplateVersions" + "ec2:DescribeLaunchTemplateVersions", + "ec2:GetInstanceTypesFromInstanceRequirements" ], "Effect": "Allow", "Resource": "*" diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_iam_role_policy_cluster-autoscaler.kube-system.sa.minimal.example.com_policy b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_iam_role_policy_cluster-autoscaler.kube-system.sa.minimal.example.com_policy index 5799e66dca..89ba38c735 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_iam_role_policy_cluster-autoscaler.kube-system.sa.minimal.example.com_policy +++ b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_iam_role_policy_cluster-autoscaler.kube-system.sa.minimal.example.com_policy @@ -6,8 +6,10 @@ "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeScalingActivities", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", - "ec2:DescribeLaunchTemplateVersions" + "ec2:DescribeLaunchTemplateVersions", + "ec2:GetInstanceTypesFromInstanceRequirements" ], "Effect": "Allow", "Resource": "*" diff --git a/tests/integration/update_cluster/many-addons-ccm/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/many-addons-ccm/data/aws_iam_role_policy_masters.minimal.example.com_policy index 81e72dc122..4fb59cee2b 100644 --- a/tests/integration/update_cluster/many-addons-ccm/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/many-addons-ccm/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -222,6 +222,7 @@ "ec2:DeleteNetworkInterface", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", @@ -238,6 +239,7 @@ "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DetachNetworkInterface", + "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:ModifyNetworkInterfaceAttribute", "ec2:UnassignPrivateIpAddresses", "elasticloadbalancing:DescribeListenerCertificates", diff --git a/tests/integration/update_cluster/many-addons/data/aws_iam_role_policy_masters.many-addons.example.com_policy b/tests/integration/update_cluster/many-addons/data/aws_iam_role_policy_masters.many-addons.example.com_policy index 605963591a..02909236ad 100644 --- a/tests/integration/update_cluster/many-addons/data/aws_iam_role_policy_masters.many-addons.example.com_policy +++ b/tests/integration/update_cluster/many-addons/data/aws_iam_role_policy_masters.many-addons.example.com_policy @@ -222,6 +222,7 @@ "ec2:DeleteNetworkInterface", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", @@ -238,6 +239,7 @@ "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DetachNetworkInterface", + "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:ModifyNetworkInterfaceAttribute", "ec2:UnassignPrivateIpAddresses", "elasticloadbalancing:DescribeListenerCertificates", diff --git a/tests/integration/update_cluster/minimal-1.25/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/minimal-1.25/data/aws_iam_role_policy_masters.minimal.example.com_policy index 19733dbf5b..0b7858c81d 100644 --- a/tests/integration/update_cluster/minimal-1.25/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/minimal-1.25/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:DescribeRepositories", diff --git a/tests/integration/update_cluster/minimal-1.26/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/minimal-1.26/data/aws_iam_role_policy_masters.minimal.example.com_policy index 19733dbf5b..0b7858c81d 100644 --- a/tests/integration/update_cluster/minimal-1.26/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/minimal-1.26/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:DescribeRepositories", diff --git a/tests/integration/update_cluster/minimal-1.27/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/minimal-1.27/data/aws_iam_role_policy_masters.minimal.example.com_policy index 19733dbf5b..0b7858c81d 100644 --- a/tests/integration/update_cluster/minimal-1.27/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/minimal-1.27/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:DescribeRepositories", diff --git a/tests/integration/update_cluster/minimal-1.28/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/minimal-1.28/data/aws_iam_role_policy_masters.minimal.example.com_policy index 19733dbf5b..0b7858c81d 100644 --- a/tests/integration/update_cluster/minimal-1.28/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/minimal-1.28/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:DescribeRepositories", diff --git a/tests/integration/update_cluster/minimal-1.29/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/minimal-1.29/data/aws_iam_role_policy_masters.minimal.example.com_policy index 19733dbf5b..0b7858c81d 100644 --- a/tests/integration/update_cluster/minimal-1.29/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/minimal-1.29/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:DescribeRepositories", diff --git a/tests/integration/update_cluster/minimal-1.30/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/minimal-1.30/data/aws_iam_role_policy_masters.minimal.example.com_policy index 19733dbf5b..0b7858c81d 100644 --- a/tests/integration/update_cluster/minimal-1.30/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/minimal-1.30/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:DescribeRepositories", diff --git a/tests/integration/update_cluster/minimal-aws/data/aws_iam_role_policy_masters.minimal-aws.example.com_policy b/tests/integration/update_cluster/minimal-aws/data/aws_iam_role_policy_masters.minimal-aws.example.com_policy index dd75fb7ba2..0c8e08bc92 100644 --- a/tests/integration/update_cluster/minimal-aws/data/aws_iam_role_policy_masters.minimal-aws.example.com_policy +++ b/tests/integration/update_cluster/minimal-aws/data/aws_iam_role_policy_masters.minimal-aws.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/minimal-dns-none/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/minimal-dns-none/data/aws_iam_role_policy_masters.minimal.example.com_policy index eea3852ed5..a0470341b8 100644 --- a/tests/integration/update_cluster/minimal-dns-none/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/minimal-dns-none/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -142,6 +142,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -153,6 +154,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:DescribeRepositories", diff --git a/tests/integration/update_cluster/minimal-etcd/data/aws_iam_role_policy_masters.minimal-etcd.example.com_policy b/tests/integration/update_cluster/minimal-etcd/data/aws_iam_role_policy_masters.minimal-etcd.example.com_policy index 21e7fb60af..ba72ad4c49 100644 --- a/tests/integration/update_cluster/minimal-etcd/data/aws_iam_role_policy_masters.minimal-etcd.example.com_policy +++ b/tests/integration/update_cluster/minimal-etcd/data/aws_iam_role_policy_masters.minimal-etcd.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/minimal-gp3/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/minimal-gp3/data/aws_iam_role_policy_masters.minimal.example.com_policy index 07a34e5a38..76b397382b 100644 --- a/tests/integration/update_cluster/minimal-gp3/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/minimal-gp3/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/minimal-ipv6-calico/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy b/tests/integration/update_cluster/minimal-ipv6-calico/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy index c68fa609ac..31ed845ba9 100644 --- a/tests/integration/update_cluster/minimal-ipv6-calico/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy +++ b/tests/integration/update_cluster/minimal-ipv6-calico/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy @@ -173,6 +173,7 @@ "ec2:AssignIpv6Addresses", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -185,6 +186,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/minimal-ipv6-cilium/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy b/tests/integration/update_cluster/minimal-ipv6-cilium/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy index c68fa609ac..31ed845ba9 100644 --- a/tests/integration/update_cluster/minimal-ipv6-cilium/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy +++ b/tests/integration/update_cluster/minimal-ipv6-cilium/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy @@ -173,6 +173,7 @@ "ec2:AssignIpv6Addresses", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -185,6 +186,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/minimal-ipv6-no-subnet-prefix/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy b/tests/integration/update_cluster/minimal-ipv6-no-subnet-prefix/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy index c68fa609ac..31ed845ba9 100644 --- a/tests/integration/update_cluster/minimal-ipv6-no-subnet-prefix/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy +++ b/tests/integration/update_cluster/minimal-ipv6-no-subnet-prefix/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy @@ -173,6 +173,7 @@ "ec2:AssignIpv6Addresses", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -185,6 +186,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/minimal-ipv6/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy b/tests/integration/update_cluster/minimal-ipv6/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy index c68fa609ac..31ed845ba9 100644 --- a/tests/integration/update_cluster/minimal-ipv6/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy +++ b/tests/integration/update_cluster/minimal-ipv6/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy @@ -173,6 +173,7 @@ "ec2:AssignIpv6Addresses", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -185,6 +186,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/minimal-longclustername/data/aws_iam_role_policy_masters.this.is.truly.a.really.really.long.cluster-name.m-kaamp9_policy b/tests/integration/update_cluster/minimal-longclustername/data/aws_iam_role_policy_masters.this.is.truly.a.really.really.long.cluster-name.m-kaamp9_policy index e1fcb796bf..42721f7e63 100644 --- a/tests/integration/update_cluster/minimal-longclustername/data/aws_iam_role_policy_masters.this.is.truly.a.really.really.long.cluster-name.m-kaamp9_policy +++ b/tests/integration/update_cluster/minimal-longclustername/data/aws_iam_role_policy_masters.this.is.truly.a.really.really.long.cluster-name.m-kaamp9_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/minimal-warmpool/data/aws_iam_role_policy_masters.minimal-warmpool.example.com_policy b/tests/integration/update_cluster/minimal-warmpool/data/aws_iam_role_policy_masters.minimal-warmpool.example.com_policy index 7438ed5da3..b413832094 100644 --- a/tests/integration/update_cluster/minimal-warmpool/data/aws_iam_role_policy_masters.minimal-warmpool.example.com_policy +++ b/tests/integration/update_cluster/minimal-warmpool/data/aws_iam_role_policy_masters.minimal-warmpool.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/minimal_gossip/data/aws_iam_role_policy_masters.minimal.k8s.local_policy b/tests/integration/update_cluster/minimal_gossip/data/aws_iam_role_policy_masters.minimal.k8s.local_policy index 354c35fdcd..55143ff2d4 100644 --- a/tests/integration/update_cluster/minimal_gossip/data/aws_iam_role_policy_masters.minimal.k8s.local_policy +++ b/tests/integration/update_cluster/minimal_gossip/data/aws_iam_role_policy_masters.minimal.k8s.local_policy @@ -142,6 +142,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -153,6 +154,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/mixed_instances/data/aws_iam_role_policy_masters.mixedinstances.example.com_policy b/tests/integration/update_cluster/mixed_instances/data/aws_iam_role_policy_masters.mixedinstances.example.com_policy index ccc0cecb8d..44aa122152 100644 --- a/tests/integration/update_cluster/mixed_instances/data/aws_iam_role_policy_masters.mixedinstances.example.com_policy +++ b/tests/integration/update_cluster/mixed_instances/data/aws_iam_role_policy_masters.mixedinstances.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/mixed_instances_spot/data/aws_iam_role_policy_masters.mixedinstances.example.com_policy b/tests/integration/update_cluster/mixed_instances_spot/data/aws_iam_role_policy_masters.mixedinstances.example.com_policy index ccc0cecb8d..44aa122152 100644 --- a/tests/integration/update_cluster/mixed_instances_spot/data/aws_iam_role_policy_masters.mixedinstances.example.com_policy +++ b/tests/integration/update_cluster/mixed_instances_spot/data/aws_iam_role_policy_masters.mixedinstances.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/nth-imds-processor/data/aws_iam_role_policy_masters.nthimdsprocessor.longclustername.example.com_policy b/tests/integration/update_cluster/nth-imds-processor/data/aws_iam_role_policy_masters.nthimdsprocessor.longclustername.example.com_policy index 6da5763f3b..f896c96a52 100644 --- a/tests/integration/update_cluster/nth-imds-processor/data/aws_iam_role_policy_masters.nthimdsprocessor.longclustername.example.com_policy +++ b/tests/integration/update_cluster/nth-imds-processor/data/aws_iam_role_policy_masters.nthimdsprocessor.longclustername.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/nvidia/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/nvidia/data/aws_iam_role_policy_masters.minimal.example.com_policy index 07a34e5a38..76b397382b 100644 --- a/tests/integration/update_cluster/nvidia/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/nvidia/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/private-shared-ip/data/aws_iam_role_policy_masters.private-shared-ip.example.com_policy b/tests/integration/update_cluster/private-shared-ip/data/aws_iam_role_policy_masters.private-shared-ip.example.com_policy index 978a0784b4..844402a751 100644 --- a/tests/integration/update_cluster/private-shared-ip/data/aws_iam_role_policy_masters.private-shared-ip.example.com_policy +++ b/tests/integration/update_cluster/private-shared-ip/data/aws_iam_role_policy_masters.private-shared-ip.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/private-shared-subnet/data/aws_iam_role_policy_masters.private-shared-subnet.example.com_policy b/tests/integration/update_cluster/private-shared-subnet/data/aws_iam_role_policy_masters.private-shared-subnet.example.com_policy index 335f1e8d78..c39abc7791 100644 --- a/tests/integration/update_cluster/private-shared-subnet/data/aws_iam_role_policy_masters.private-shared-subnet.example.com_policy +++ b/tests/integration/update_cluster/private-shared-subnet/data/aws_iam_role_policy_masters.private-shared-subnet.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/privatecalico/data/aws_iam_role_policy_masters.privatecalico.example.com_policy b/tests/integration/update_cluster/privatecalico/data/aws_iam_role_policy_masters.privatecalico.example.com_policy index 29602a5c25..3d26992b4f 100644 --- a/tests/integration/update_cluster/privatecalico/data/aws_iam_role_policy_masters.privatecalico.example.com_policy +++ b/tests/integration/update_cluster/privatecalico/data/aws_iam_role_policy_masters.privatecalico.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:ModifyNetworkInterfaceAttribute", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", diff --git a/tests/integration/update_cluster/privatecanal/data/aws_iam_role_policy_masters.privatecanal.example.com_policy b/tests/integration/update_cluster/privatecanal/data/aws_iam_role_policy_masters.privatecanal.example.com_policy index 92db221ec0..c6ea086481 100644 --- a/tests/integration/update_cluster/privatecanal/data/aws_iam_role_policy_masters.privatecanal.example.com_policy +++ b/tests/integration/update_cluster/privatecanal/data/aws_iam_role_policy_masters.privatecanal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/privatecilium-eni/data/aws_iam_role_policy_masters.privatecilium.example.com_policy b/tests/integration/update_cluster/privatecilium-eni/data/aws_iam_role_policy_masters.privatecilium.example.com_policy index 956571fbb3..ad8928bd4a 100644 --- a/tests/integration/update_cluster/privatecilium-eni/data/aws_iam_role_policy_masters.privatecilium.example.com_policy +++ b/tests/integration/update_cluster/privatecilium-eni/data/aws_iam_role_policy_masters.privatecilium.example.com_policy @@ -177,6 +177,7 @@ "ec2:DeleteNetworkInterface", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -191,6 +192,7 @@ "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DetachNetworkInterface", + "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:ModifyNetworkInterfaceAttribute", "ec2:UnassignPrivateIpAddresses", "elasticloadbalancing:DescribeListeners", diff --git a/tests/integration/update_cluster/privatecilium/data/aws_iam_role_policy_masters.privatecilium.example.com_policy b/tests/integration/update_cluster/privatecilium/data/aws_iam_role_policy_masters.privatecilium.example.com_policy index 4aad16f326..a285a775d0 100644 --- a/tests/integration/update_cluster/privatecilium/data/aws_iam_role_policy_masters.privatecilium.example.com_policy +++ b/tests/integration/update_cluster/privatecilium/data/aws_iam_role_policy_masters.privatecilium.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/privatecilium2/data/aws_iam_role_policy_masters.privatecilium.example.com_policy b/tests/integration/update_cluster/privatecilium2/data/aws_iam_role_policy_masters.privatecilium.example.com_policy index 4aad16f326..a285a775d0 100644 --- a/tests/integration/update_cluster/privatecilium2/data/aws_iam_role_policy_masters.privatecilium.example.com_policy +++ b/tests/integration/update_cluster/privatecilium2/data/aws_iam_role_policy_masters.privatecilium.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/privateciliumadvanced/data/aws_iam_role_policy_masters.privateciliumadvanced.example.com_policy b/tests/integration/update_cluster/privateciliumadvanced/data/aws_iam_role_policy_masters.privateciliumadvanced.example.com_policy index ec97b787f9..ee4e135f10 100644 --- a/tests/integration/update_cluster/privateciliumadvanced/data/aws_iam_role_policy_masters.privateciliumadvanced.example.com_policy +++ b/tests/integration/update_cluster/privateciliumadvanced/data/aws_iam_role_policy_masters.privateciliumadvanced.example.com_policy @@ -187,6 +187,7 @@ "ec2:DeleteNetworkInterface", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -201,6 +202,7 @@ "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DetachNetworkInterface", + "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:ModifyNetworkInterfaceAttribute", "ec2:UnassignPrivateIpAddresses", "elasticloadbalancing:DescribeListeners", diff --git a/tests/integration/update_cluster/privatedns1/data/aws_iam_role_policy_masters.privatedns1.example.com_policy b/tests/integration/update_cluster/privatedns1/data/aws_iam_role_policy_masters.privatedns1.example.com_policy index 0a9cbc3c0f..ff6bd13e12 100644 --- a/tests/integration/update_cluster/privatedns1/data/aws_iam_role_policy_masters.privatedns1.example.com_policy +++ b/tests/integration/update_cluster/privatedns1/data/aws_iam_role_policy_masters.privatedns1.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/privatedns2/data/aws_iam_role_policy_masters.privatedns2.example.com_policy b/tests/integration/update_cluster/privatedns2/data/aws_iam_role_policy_masters.privatedns2.example.com_policy index f4808a9231..50ad14a5f0 100644 --- a/tests/integration/update_cluster/privatedns2/data/aws_iam_role_policy_masters.privatedns2.example.com_policy +++ b/tests/integration/update_cluster/privatedns2/data/aws_iam_role_policy_masters.privatedns2.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/privateflannel/data/aws_iam_role_policy_masters.privateflannel.example.com_policy b/tests/integration/update_cluster/privateflannel/data/aws_iam_role_policy_masters.privateflannel.example.com_policy index a2972e6141..9b6a6e7ad0 100644 --- a/tests/integration/update_cluster/privateflannel/data/aws_iam_role_policy_masters.privateflannel.example.com_policy +++ b/tests/integration/update_cluster/privateflannel/data/aws_iam_role_policy_masters.privateflannel.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/privatekopeio/data/aws_iam_role_policy_masters.privatekopeio.example.com_policy b/tests/integration/update_cluster/privatekopeio/data/aws_iam_role_policy_masters.privatekopeio.example.com_policy index 4d7cf5e00d..602af48137 100644 --- a/tests/integration/update_cluster/privatekopeio/data/aws_iam_role_policy_masters.privatekopeio.example.com_policy +++ b/tests/integration/update_cluster/privatekopeio/data/aws_iam_role_policy_masters.privatekopeio.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/shared_subnet/data/aws_iam_role_policy_masters.sharedsubnet.example.com_policy b/tests/integration/update_cluster/shared_subnet/data/aws_iam_role_policy_masters.sharedsubnet.example.com_policy index 19684aece5..97fab68cce 100644 --- a/tests/integration/update_cluster/shared_subnet/data/aws_iam_role_policy_masters.sharedsubnet.example.com_policy +++ b/tests/integration/update_cluster/shared_subnet/data/aws_iam_role_policy_masters.sharedsubnet.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/shared_vpc/data/aws_iam_role_policy_masters.sharedvpc.example.com_policy b/tests/integration/update_cluster/shared_vpc/data/aws_iam_role_policy_masters.sharedvpc.example.com_policy index da416d2553..7af056edbd 100644 --- a/tests/integration/update_cluster/shared_vpc/data/aws_iam_role_policy_masters.sharedvpc.example.com_policy +++ b/tests/integration/update_cluster/shared_vpc/data/aws_iam_role_policy_masters.sharedvpc.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/shared_vpc_ipv6/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy b/tests/integration/update_cluster/shared_vpc_ipv6/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy index c68fa609ac..31ed845ba9 100644 --- a/tests/integration/update_cluster/shared_vpc_ipv6/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy +++ b/tests/integration/update_cluster/shared_vpc_ipv6/data/aws_iam_role_policy_masters.minimal-ipv6.example.com_policy @@ -173,6 +173,7 @@ "ec2:AssignIpv6Addresses", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -185,6 +186,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/unmanaged/data/aws_iam_role_policy_masters.unmanaged.example.com_policy b/tests/integration/update_cluster/unmanaged/data/aws_iam_role_policy_masters.unmanaged.example.com_policy index 092eeeabdf..0b60eb971e 100644 --- a/tests/integration/update_cluster/unmanaged/data/aws_iam_role_policy_masters.unmanaged.example.com_policy +++ b/tests/integration/update_cluster/unmanaged/data/aws_iam_role_policy_masters.unmanaged.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", diff --git a/tests/integration/update_cluster/vfs-said/data/aws_iam_role_policy_masters.minimal.example.com_policy b/tests/integration/update_cluster/vfs-said/data/aws_iam_role_policy_masters.minimal.example.com_policy index 07a34e5a38..76b397382b 100644 --- a/tests/integration/update_cluster/vfs-said/data/aws_iam_role_policy_masters.minimal.example.com_policy +++ b/tests/integration/update_cluster/vfs-said/data/aws_iam_role_policy_masters.minimal.example.com_policy @@ -172,6 +172,7 @@ "autoscaling:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", @@ -183,6 +184,7 @@ "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", + "ec2:GetInstanceTypesFromInstanceRequirements", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies",