Cannot delete cluster build outside of PCM

[stephenmsachs]

ParallelClusters created outside of PCM are listed on the PCM main page and there is a functioning Delete button. But PCM has insufficient IAM permissions to delete clusters created outside of PCM, thus the CFN stack wil go to state "DELETE_FAILED".

Error message: "API: iam:DetachRolePolicy User: arn:aws:sts::XXXXXXXXXX:assumed-role/stesachs-pcluster-manager-ParallelClusterUserRole-1D9BDG028QH9H/stesachs-pcluster-manager--ParallelClusterFunction-yUrGn2AGbR5F is not authorized to perform: iam:DetachRolePolicy on resource: role clustername-Role24989d8ee41c1575-1Q55UE4K27TZ0 because no identity-based policy allows the iam:DetachRolePolicy action"

[mendaomn]

Thank you, we'll investigate the issue and report here when we fix it

[sean-smith]

This is also true for clusters created within pcluster manager.

[mendaomn]

This is also true for clusters created within pcluster manager.

Meaning by creating a cluster on a PCM installation, you cannot manage it or delete it via another PCM installation on the same account?

EDIT: I could successfully delete a cluster created via another PCM installation on the same account

[mendaomn]

This may be related to https://github.com/aws/aws-parallelcluster/issues/4031, will keep you posted as soon as we either have a fix or a workaround