Bug 1577239

Summary: [DOCS] Permission to delete security groups required in AWS IAM policy
Product: OpenShift Container Platform Reporter: Robert Bost <rbost>
Component: DocumentationAssignee: Gaurav Nelson <gnelson>
Status: CLOSED CURRENTRELEASE QA Contact: Chao Yang <chaoyang>
Severity: unspecified Docs Contact: Vikram Goyal <vigoyal>
Priority: unspecified    
Version: 3.9.0CC: aos-bugs, jokerman, mmccomas, palonsor, rcook
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-06-12 03:26:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Robert Bost 2018-05-11 14:18:00 UTC
Document URL:  https://docs.openshift.com/container-platform/3.9/install_config/configuring_aws.html

Section Number and Name: No section present for configuring IAM policy.

Describe the issue: Created an AWS ELB loadbalancer service in OpenShift and when the service is deleted, the ELB remains. This is due to the IAM policy profile not having permission to delete security groups.

Suggestions for improvement: Add section on configuration needs for an IAM policy.

Comment 4 Ryan Cook 2018-06-08 15:07:03 UTC
@gaurav correct this should be added to the documentation

Comment 5 Gaurav Nelson 2018-06-11 00:09:51 UTC
Thank you @Ryan.

The suggested changes are in PR https://github.com/openshift/openshift-docs/pull/9970

Comment 6 Chao Yang 2018-06-11 07:02:30 UTC
The fix in the pr is OK

Comment 7 openshift-github-bot 2018-06-11 23:05:33 UTC
Commit pushed to master at https://github.com/openshift/openshift-docs

https://github.com/openshift/openshift-docs/commit/aa107e305e8dfe93742fe467a06c076c378b4bc6
Merge pull request #9970 from gaurav-nelson/bug1577239-fixes

added ec2:DeleteSecurityGroup to aws permissions