aws-quickstart / quickstart-ibm-icp-for-data

AWS Quick Start Team
Apache License 2.0

Required roles/permissions to install the icp/openshift in AWS #38

Open udhayas opened 3 years ago

udhayas commented 3 years ago

Hi team,

Could you please confirm for us the complete list of permission policies required to install/configure ICP on AWS successfully, and the reason as well?

Thank you

-udhay

shaithal commented 3 years ago

https://docs.openshift.com/container-platform/4.3/installing/installing_aws/installing-aws-account.html#installation-aws-permissions_installing-aws-account

Since we use IPI-based OCP installation, please refer to the above link for IAM roles and permissions.

udhayas commented 3 years ago

Thanks for the response, shaithal.

The permissions and roles mentioned in the link are a concern from a security perspective. Is there a bare minimum role that can be used for the IPI? If not, then can you confirm that once the installation is complete, the VM is destroyed at the end of installation and the roles created are also removed?

Thanks, Udhay

shaithal commented 3 years ago

IPI installation requires a user with administrative privileges, and we are creating it as part of the quickstart. From the quickstart perspective, all the resources created by CloudFormation will be deleted when the stack deletion happens.