Bug 1467508
Summary: | [DOCS] AWS configuration does not describe how to use IAM Roles | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Gaurav Nelson <gnelson> |
Component: | Documentation | Assignee: | Gaurav Nelson <gnelson> |
Status: | CLOSED NOTABUG | QA Contact: | Chao Yang <chaoyang> |
Severity: | unspecified | Docs Contact: | Vikram Goyal <vigoyal> |
Priority: | unspecified | ||
Version: | 3.4.0 | CC: | aos-bugs, jhou, jokerman, mmccomas, rcook, stwalter, vigoyal |
Target Milestone: | --- | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | 1462823 | Environment: | |
Last Closed: | 2017-08-04 13:53:17 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1462823 | ||
Bug Blocks: |
Comment 2
Ryan Cook
2017-07-24 21:01:23 UTC
There are no changes needed in docs other than what's already done in Bug #1462823 I dont understand why this is closed. The questions are not answered in the docs or here. 2. Can we be more precise in granting privileges. The ec2:* in the example you give may be a problem. If I need to set aws as the cloud provider but all I need is to dynamically assign Elastic Block Storage for persistent volumes, can I change ec2:* to a smaller list of permissions? We still have no indication in the docs as to what permissions are required by the role used -- in instances where the user wants to lock it down. To clarify this isn't about launching instances at all, this is about EBS volumes. Thats why this bug was forked. Hello Steven, we are working on getting those done as part of https://bugzilla.redhat.com/show_bug.cgi?id=1452816, which is documenting permissions for all cloud providers. |