Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Infrastructure] Add EC2 permissions required by PCUI private deployment only when private deployment is enabled. #297

Merged
merged 1 commit into from
Dec 12, 2023
Merged

[Infrastructure] Add EC2 permissions required by PCUI private deployment only when private deployment is enabled. #297

merged 1 commit into from
Dec 12, 2023

Conversation

gmarciani
Copy link
Collaborator

Description

Add EC2 permissions required by PCUI private deployment only when private deployment is enabled.
In particular, the following permissions are required by the PCUI Lambda execution role when private deployment is enabled:

  1. ec2:CreateNetworkInterface
  2. ec2:DeleteNetworkInterface
  3. ec2:AttachNetworkInterface
  4. ec2:DescribeNetworkInterfaces
  5. ec2:DescribeInstances

How Has This Been Tested?

  1. Deployed in personal environment with private deployment disabled: deployment succeeded, extra permissions not deployed, cluster creation succeeded.
  2. Deployed in personal environment with private deployment enable: deployment succeeded, extra permissions are deployed, cluster creation succeeded.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@gmarciani gmarciani marked this pull request as ready for review December 11, 2023 17:39
@gmarciani gmarciani force-pushed the wip/mgiacomo/2023120/scope-down-ec2-permissions branch from f38ec35 to cc36fbd Compare December 11, 2023 17:48
@gmarciani
[Infrastructure] Add EC2 permissions required by PCUI private deploym…
cc62188 
…ent only when private deployment is enabled.
@gmarciani gmarciani force-pushed the wip/mgiacomo/2023120/scope-down-ec2-permissions branch from cc36fbd to cc62188 Compare December 12, 2023 08:38
@gmarciani gmarciani merged commit b082880 into aws:main Dec 12, 2023
2 checks passed
@gmarciani gmarciani deleted the wip/mgiacomo/2023120/scope-down-ec2-permissions branch December 12, 2023 08:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BarcoMasile BarcoMasile BarcoMasile approved these changes

Assignees
No one assigned
Labels
release:improvement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gmarciani @BarcoMasile