From 1af36ba0b662d04219f18f4d55a596fe2960a481 Mon Sep 17 00:00:00 2001 From: Sunny Date: Mon, 23 Dec 2024 13:32:24 +0000 Subject: [PATCH] oci/int: Grant new permissions needed by AWS infra terraform-aws-eks version v20.31.4 introduced new tag policies that require extra permissions. Refer https://github.com/terraform-aws-modules/terraform-aws-eks/releases/tag/v20.31.4. Signed-off-by: Sunny --- oci/tests/integration/README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/oci/tests/integration/README.md b/oci/tests/integration/README.md index 105d3da2..8c847ead 100644 --- a/oci/tests/integration/README.md +++ b/oci/tests/integration/README.md @@ -155,16 +155,22 @@ provisioning the infrastructure and running the tests: "eks:UpdateNodegroupVersion", "iam:AttachRolePolicy", "iam:CreateOpenIDConnectProvider", + "iam:CreatePolicy", "iam:CreateRole", "iam:DeleteOpenIDConnectProvider", + "iam:DeletePolicy", "iam:DeleteRole", "iam:DetachRolePolicy", "iam:GetOpenIDConnectProvider", + "iam:GetPolicy", + "iam:GetPolicyVersion", "iam:GetRole", "iam:ListAttachedRolePolicies", "iam:ListInstanceProfilesForRole", + "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:TagOpenIDConnectProvider", + "iam:TagPolicy", "iam:TagRole", "ssm:GetParameters" ], @@ -294,16 +300,22 @@ module "aws_gh_actions" { "eks:UpdateNodegroupVersion", "iam:AttachRolePolicy", "iam:CreateOpenIDConnectProvider", + "iam:CreatePolicy", "iam:CreateRole", "iam:DeleteOpenIDConnectProvider", + "iam:DeletePolicy", "iam:DeleteRole", "iam:DetachRolePolicy", "iam:GetOpenIDConnectProvider", + "iam:GetPolicy", + "iam:GetPolicyVersion", "iam:GetRole", "iam:ListAttachedRolePolicies", "iam:ListInstanceProfilesForRole", + "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:TagOpenIDConnectProvider", + "iam:TagPolicy", "iam:TagRole", "ssm:GetParameters" ]