kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add DescribeRegions to nodeup privs

This commit is contained in:
Ole Markus With 2022-01-17 09:34:29 +01:00
parent 7e645187bc
commit b80488906f
76 changed files with 77 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
pkg/model/iam/iam_builder.go
View File

@ -763,6 +763,7 @@ func (b *PolicyBuilder) addNodeupPermissions(p *Policy, enableHookSupport bool)
addKMSGenerateRandomPolicies(p)
addASLifecyclePolicies(p, enableHookSupport)
p.unconditionalAction.Insert(
"ec2:DescribeRegions",
"ec2:DescribeInstances", // aws.go
"ec2:DescribeInstanceTypes",
)

1
pkg/model/iam/tests/iam_builder_node_strict.json
View File

@ -31,6 +31,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
pkg/model/iam/tests/iam_builder_node_strict_ecr.json
View File

@ -31,6 +31,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ecr:BatchCheckLayerAvailability",
"ecr:BatchGetImage",
"ecr:DescribeRepositories",

2
tests/integration/update_cluster/apiservernodes/cloudformation.json
View File

@ -1194,6 +1194,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"
@ -1497,6 +1498,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/apiservernodes/data/aws_iam_role_policy_apiservers.minimal.example.com_policy
View File

@ -24,6 +24,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/apiservernodes/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/aws-lb-controller/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/bastionadditional_user-data/data/aws_iam_role_policy_nodes.bastionuserdata.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/complex/cloudformation.json
View File

@ -1860,6 +1860,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/complex/data/aws_iam_role_policy_nodes.complex.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/compress/data/aws_iam_role_policy_nodes.compress.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/containerd-custom/cloudformation.json
View File

@ -1232,6 +1232,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/containerd/cloudformation.json
View File

@ -1232,6 +1232,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/digit/data/aws_iam_role_policy_nodes.123.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/docker-custom/cloudformation.json
View File

@ -1232,6 +1232,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/existing_sg/data/aws_iam_role_policy_nodes.existingsg.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/external_dns/cloudformation.json
View File

@ -1232,6 +1232,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/external_dns/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/external_dns_irsa/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/externallb/cloudformation.json
View File

@ -1248,6 +1248,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/externallb/data/aws_iam_role_policy_nodes.externallb.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/externalpolicies/data/aws_iam_role_policy_nodes.externalpolicies.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/ha/data/aws_iam_role_policy_nodes.ha.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/irsa/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/karpenter/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_iam_role_policy_masters.minimal.example.com_policy
View File

@ -113,6 +113,7 @@
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeRegions",
"ec2:DescribeTags",
"ec2:DescribeVolumes",
"ec2:DetachNetworkInterface",

1
tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -43,6 +43,7 @@
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeRegions",
"ec2:DescribeTags",
"ec2:DetachNetworkInterface",
"ec2:ModifyNetworkInterfaceAttribute",

1
tests/integration/update_cluster/many-addons-ccm/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -43,6 +43,7 @@
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeRegions",
"ec2:DescribeTags",
"ec2:DetachNetworkInterface",
"ec2:ModifyNetworkInterfaceAttribute",

1
tests/integration/update_cluster/many-addons/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -43,6 +43,7 @@
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeRegions",
"ec2:DescribeTags",
"ec2:DetachNetworkInterface",
"ec2:ModifyNetworkInterfaceAttribute",

1
tests/integration/update_cluster/minimal-1.23/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ecr:BatchCheckLayerAvailability",
"ecr:BatchGetImage",
"ecr:DescribeRepositories",

1
tests/integration/update_cluster/minimal-1.24/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ecr:BatchCheckLayerAvailability",
"ecr:BatchGetImage",
"ecr:DescribeRepositories",

1
tests/integration/update_cluster/minimal-etcd/cloudformation.json
View File

@ -1232,6 +1232,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/minimal-gp3/cloudformation.json
View File

@ -1228,6 +1228,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/minimal-gp3/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/minimal-ipv6-calico/cloudformation.json
View File

@ -1537,6 +1537,7 @@
"ec2:AssignIpv6Addresses",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ec2:ModifyNetworkInterfaceAttribute",
"iam:GetServerCertificate",
"iam:ListServerCertificates",

1
tests/integration/update_cluster/minimal-ipv6-calico/data/aws_iam_role_policy_nodes.minimal-ipv6.example.com_policy
View File

@ -30,6 +30,7 @@
"ec2:AssignIpv6Addresses",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ec2:ModifyNetworkInterfaceAttribute",
"iam:GetServerCertificate",
"iam:ListServerCertificates",

1
tests/integration/update_cluster/minimal-ipv6-cilium/cloudformation.json
View File

@ -1522,6 +1522,7 @@
"ec2:AssignIpv6Addresses",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/minimal-ipv6-cilium/data/aws_iam_role_policy_nodes.minimal-ipv6.example.com_policy
View File

@ -30,6 +30,7 @@
"ec2:AssignIpv6Addresses",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/minimal-ipv6-private/data/aws_iam_role_policy_nodes.minimal-ipv6.example.com_policy
View File

@ -30,6 +30,7 @@
"ec2:AssignIpv6Addresses",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/minimal-ipv6/cloudformation.json
View File

@ -1522,6 +1522,7 @@
"ec2:AssignIpv6Addresses",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/minimal-ipv6/data/aws_iam_role_policy_nodes.minimal-ipv6.example.com_policy
View File

@ -30,6 +30,7 @@
"ec2:AssignIpv6Addresses",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/minimal-warmpool/data/aws_iam_role_policy_nodes.minimal-warmpool.example.com_policy
View File

@ -30,6 +30,7 @@
"autoscaling:DescribeLifecycleHooks",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/minimal/cloudformation.json
View File

@ -1232,6 +1232,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/minimal/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/minimal_gossip/data/aws_iam_role_policy_nodes.minimal.k8s.local_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/minimal_gossip_irsa/data/aws_iam_role_policy_nodes.minimal.k8s.local_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/mixed_instances/cloudformation.json
View File

@ -1951,6 +1951,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/mixed_instances/data/aws_iam_role_policy_nodes.mixedinstances.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/mixed_instances_spot/cloudformation.json
View File

@ -1952,6 +1952,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/mixed_instances_spot/data/aws_iam_role_policy_nodes.mixedinstances.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/nth_sqs_resources/cloudformation.json
View File

@ -1373,6 +1373,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/nth_sqs_resources/data/aws_iam_role_policy_nodes.nthsqsresources.longclustername.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/nvidia/cloudformation.json
View File

@ -1245,6 +1245,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/nvidia/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/private-shared-ip/cloudformation.json
View File

@ -1752,6 +1752,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/private-shared-ip/data/aws_iam_role_policy_nodes.private-shared-ip.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/private-shared-subnet/data/aws_iam_role_policy_nodes.private-shared-subnet.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/privatecalico/cloudformation.json
View File

@ -1909,6 +1909,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ec2:ModifyNetworkInterfaceAttribute",
"iam:GetServerCertificate",
"iam:ListServerCertificates",

1
tests/integration/update_cluster/privatecalico/data/aws_iam_role_policy_nodes.privatecalico.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ec2:ModifyNetworkInterfaceAttribute",
"iam:GetServerCertificate",
"iam:ListServerCertificates",

1
tests/integration/update_cluster/privatecanal/data/aws_iam_role_policy_nodes.privatecanal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/privatecilium/cloudformation.json
View File

@ -1894,6 +1894,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/privatecilium/data/aws_iam_role_policy_nodes.privatecilium.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/privatecilium2/cloudformation.json
View File

@ -1894,6 +1894,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/privatecilium2/data/aws_iam_role_policy_nodes.privatecilium.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/privateciliumadvanced/cloudformation.json
View File

@ -1946,6 +1946,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/privateciliumadvanced/data/aws_iam_role_policy_nodes.privateciliumadvanced.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/privatedns1/data/aws_iam_role_policy_nodes.privatedns1.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/privatedns2/data/aws_iam_role_policy_nodes.privatedns2.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/privateflannel/data/aws_iam_role_policy_nodes.privateflannel.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/privatekopeio/data/aws_iam_role_policy_nodes.privatekopeio.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/privateweave/data/aws_iam_role_policy_nodes.privateweave.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/public-jwks-apiserver/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/shared_subnet/data/aws_iam_role_policy_nodes.sharedsubnet.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/shared_vpc/data/aws_iam_role_policy_nodes.sharedvpc.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/unmanaged/data/aws_iam_role_policy_nodes.unmanaged.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"

1
tests/integration/update_cluster/vfs-said/data/aws_iam_role_policy_nodes.minimal.example.com_policy
View File

@ -29,6 +29,7 @@
"autoscaling:DescribeAutoScalingInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kms:GenerateRandom"