Trying to install an UPI cluster on C2S, but creating bootstrap stack failed. Stack Event: RegisterBootstrapApiTarget CREATE_FAILED Custom Resource failed to stabilize in expected time Additional info: Tried to change following services to lambda.c2s.ic.gov and ec2.c2s.ic.gov https://github.com/openshift/installer/blob/master/upi/aws/cloudformation/02_cluster_infra.yaml#L245 https://github.com/openshift/installer/blob/master/upi/aws/cloudformation/02_cluster_infra.yaml#L310 https://github.com/openshift/installer/blob/master/upi/aws/cloudformation/04_cluster_bootstrap.yaml#L112 https://github.com/openshift/installer/blob/master/upi/aws/cloudformation/03_cluster_security.yaml#L498 https://github.com/openshift/installer/blob/master/upi/aws/cloudformation/03_cluster_security.yaml#L563 But got following error (ec2 as an example) Invalid principal in policy: “SERVICE”:”ec2.c2s.ic.gov” (Service: AmazonIdentityManagement; Status Code: 400; Error Code: MalformedPolicyDocument; Request ID: 0e94202b-e374-49f3-b0b6-0451d523d3a6; Proxy: null) Per C2S user guide, ec2.c2s.ic.gov should be valid: ``` * AmazonResourceNames(ARNs)(p.38)andendpoints(p.36)havedifferentvalues.Thevaluefora Principle: Service: key in a AWS CloudFormation Template is also different. In C2S it would look like this: “Statement”: [ { “Effect”: “Allow”, “Principal”: { “Service”: [ “ec2.c2s.ic.gov “ ] }, “Action”: [ “sts:AssumeRole” ] } ``` Looks like the CF templates need to be updated if UPI is supported in C2S.
Closing with no feedback.