1800329 – Move IAM role check to after manifest generation

Bug 1800329 - Move IAM role check to after manifest generation

Summary: Move IAM role check to after manifest generation

Keywords:
Status:	CLOSED DUPLICATE of bug 1796347
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Installer
Sub Component:
Version:	4.3.z
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	urgent
Target Milestone:	---
Target Release:	---
Assignee:	Abhinav Dahiya
QA Contact:	Johnny Liu
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-02-06 21:16 UTC by Mike Barrett
Modified:	2020-02-06 21:23 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-02-06 21:23:35 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Mike Barrett 2020-02-06 21:16:54 UTC

Description of problem:

https://issues.redhat.com/browse/CORS-1304

Today the OCP4 IPI and UPI install will check the AWS account given to it for all of these IAM roles:

https://gist.github.com/sjenning/f0a6eb84475839cf81f601553532304a

Even if the user installing the cluster has not desire to have their resulting cluster perform those activities that need those IAM roles.  This check is at the beginning of the installation before the installation manifests are generated that would tell the install what the cluster is being asked to do.

This bug is to ask that the IAM role check (which is still valid and needed) be moved after the manifest generation process so that it can more correctly check the given IAM roles against what the cluster will be doing.

Comment 1 Abhinav Dahiya 2020-02-06 21:23:35 UTC


*** This bug has been marked as a duplicate of bug 1796347 ***

Note You need to log in before you can comment on or make changes to this bug.