Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Revert "Upgrade terraformer #294" #301

Merged
merged 1 commit into from
Mar 29, 2021
Merged

Revert "Upgrade terraformer #294" #301

merged 1 commit into from
Mar 29, 2021

Conversation

ialidzhikov
Copy link
Member

@ialidzhikov ialidzhikov commented Mar 29, 2021
edited
Loading

/kind bug

This reverts commit c57ddb7.

The new version of terraformer comes with a new version of terraform-provider-aws - ref gardener/terraformer#84. The new version of terraform-provider-aws requires permissions for iam:ListRolePolicies which is currently not part of our officially recommended IAM policy. So it is incompatible change:

* reading inline policies for IAM role shoot--foo--bar-nodes, error: AccessDenied: User: technical-user is not authorized to perform: iam:ListRolePolicies on resource: role shoot--foo--bar-nodes
	status code: 403, request id: <omitted>

Release note:

An issue causing Infrastructure reconciliation to fail because of insufficient privileges is now fixed.

@ialidzhikov ialidzhikov requested review from a team as code owners March 29, 2021 16:00
@gardener-robot gardener-robot added needs/review Needs review size/xs Size of pull request is tiny (see gardener-robot robot/bots/size.py) labels Mar 29, 2021
@gardener-robot-ci-3 gardener-robot-ci-3 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Mar 29, 2021
@gardener-robot-ci-1 gardener-robot-ci-1 added needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Mar 29, 2021
vpnachev
vpnachev approved these changes Mar 29, 2021
View reviewed changes
Copy link
Member

@vpnachev vpnachev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@gardener-robot gardener-robot added reviewed/lgtm Has approval for merging and removed needs/review Needs review labels Mar 29, 2021
@vpnachev vpnachev mentioned this pull request Mar 29, 2021
Merged
@ialidzhikov ialidzhikov mentioned this pull request Mar 29, 2021
Merged
@vpnachev vpnachev merged commit ef6b2d3 into gardener:master Mar 29, 2021
@ialidzhikov ialidzhikov deleted the fix/permission-issue branch April 2, 2021 14:49
@gardener gardener deleted a comment from gardener-robot Apr 15, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vpnachev vpnachev vpnachev approved these changes

Assignees
No one assigned
Labels
kind/bug Bug needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) reviewed/lgtm Has approval for merging size/xs Size of pull request is tiny (see gardener-robot robot/bots/size.py)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@ialidzhikov @vpnachev @gardener-robot-ci-1 @gardener-robot-ci-3 @gardener-robot