Description of problem: As reported by account team working with this change, the following permissions are also observed needed on MasterIamRole when modifying default ingress to be internal: "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeInstanceAttribute", "ec2:DescribeInternetGateways", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:ModifyTargetGroupAttributes", Version-Release number of the following components: OpenShift 4.5 How reproducible: Always Steps to Reproduce: 1. Install 4.5 2. Attempt to convert ingress to internal 3. Doesn't take. Actual results: No internal ingress is rendered. Expected results: It should. Additional info:
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:2409