Apply updates to the AWS-based management clusters¶
To complete the AWS-based management cluster upgrade to version 2.1.0, manually update the IAM policies for AWS before updating your AWS-based managed clusters.
To update the IAM policies for AWS:
Choose from the following options:
Update the IAM policies using
get_container_cloud.sh
:On any local machine, download and run the latest version of the Container Cloud bootstrap script:
wget https://binary.mirantis.com/releases/get_container_cloud.sh chmod 0755 get_container_cloud.sh ./get_container_cloud.sh
Change the directory to the
kaas-bootstrap
folder created by theget_container_cloud.sh
script.Export the following parameters by adding the corresponding values for the AWS
admin
credentials:export AWS_SECRET_ACCESS_KEY=XXXXXXX export AWS_ACCESS_KEY_ID=XXXXXXX export AWS_DEFAULT_REGION=us-east-2
Update the AWS
CloudFormation
template for IAM policy:./container-cloud bootstrap aws policy
Update the IAM policies using the AWS Management Console:
Log in to your AWS Management Console.
Verify that the
controllers.cluster-api-provider-aws.kaas.mirantis.com
role or another AWS role that you use for Container Cloud users contains the following permissions:"ec2:DescribeRegions", "ec2:DescribeInstanceTypes"
Otherwise, add these permissions manually.
Proceed to updating your AWS-based managed clusters as described in Operations Guide: Update a managed cluster.