terraform: add missing permission to AWS iam

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2025-02-22 07:50:04 -05:00 · 2023-04-03 12:11:56 +02:00 · 2023-04-03 12:11:56 +02:00 · 176d32599f
commit 176d32599f
parent 63b07ede8a
2 changed files with 2 additions and 0 deletions
--- a/cli/internal/terraform/terraform/iam/aws/main.tf
+++ b/cli/internal/terraform/terraform/iam/aws/main.tf
@ -63,6 +63,7 @@ resource "aws_iam_policy" "control_plane_policy" {
        "ec2:DeleteRoute",
        "ec2:DeleteSecurityGroup",
        "ec2:DeleteVolume",
+        "ec2:DescribeAvailabilityZones",
        "ec2:DescribeImages",
        "ec2:DescribeInstances",
        "ec2:DescribeRegions",
--- a/docs/docs/getting-started/install.md
+++ b/docs/docs/getting-started/install.md
@ -312,6 +312,7 @@ To [create a Constellation cluster](../workflows/create.md#the-create-step), you
                "ec2:DeleteVpc",
                "ec2:DescribeAccountAttributes",
                "ec2:DescribeAddresses",
+                "ec2:DescribeAvailabilityZones",
                "ec2:DescribeInternetGateways",
                "ec2:DescribeLaunchTemplates",
                "ec2:DescribeLaunchTemplateVersions",