Skip to content

Commit

Permalink
Add permission to delete kubernetes.io/cluster/* tag from subnets on HCP
Browse files Browse the repository at this point in the history
  • Loading branch information
@fahlmant
fahlmant committed Nov 22, 2024
1 parent f2c6f75 commit bd92bea
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 0 deletions.
17 changes: 17 additions & 0 deletions resources/sts/4.16/hypershift/sts_hcp_installer_permission_policy.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -322,6 +322,23 @@
}
}
},
{
"Sid": "DeleteTagsK8sSubnet",
"Effect": "Allow",
"Action": [
"ec2:DeleteTags"
],
"Resource": [
"arn:aws:ec2:*:*:subnet/*"
],
"Condition": {
"ForAllValues:StringLike": {
"aws:TagKeys": [
"kubernetes.io/cluster/*"
]
}
}
},
{
"Sid": "ListPoliciesAttachedToRoles",
"Effect": "Allow",
Expand Down
17 changes: 17 additions & 0 deletions resources/sts/4.17/hypershift/sts_hcp_installer_permission_policy.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -322,6 +322,23 @@
}
}
},
{
"Sid": "DeleteTagsK8sSubnet",
"Effect": "Allow",
"Action": [
"ec2:DeleteTags"
],
"Resource": [
"arn:aws:ec2:*:*:subnet/*"
],
"Condition": {
"ForAllValues:StringLike": {
"aws:TagKeys": [
"kubernetes.io/cluster/*"
]
}
}
},
{
"Sid": "ListPoliciesAttachedToRoles",
"Effect": "Allow",
Expand Down

0 comments on commit bd92bea

Please sign in to comment.