Apply updates to the AWS-based management clusters

To complete the AWS-based management cluster upgrade to version 2.1.0, manually update the IAM policies for AWS before updating your AWS-based managed clusters.

To update the IAM policies for AWS:

1. Choose from the following options:

   • Update the IAM policies using get_container_cloud.sh:

     1. On any local machine, download and run the latest version of the Container Cloud bootstrap script:

        wget https://binary.mirantis.com/releases/get_container_cloud.sh
        
        chmod 0755 get_container_cloud.sh
        
        ./get_container_cloud.sh
        

     2. Change the directory to the kaas-bootstrap folder created by the get_container_cloud.sh script.

     3. Export the following parameters by adding the corresponding values for the AWS admin credentials:

        export AWS_SECRET_ACCESS_KEY=XXXXXXX
        export AWS_ACCESS_KEY_ID=XXXXXXX
        export AWS_DEFAULT_REGION=us-east-2
        

     4. Update the AWS CloudFormation template for IAM policy:

        ./container-cloud bootstrap aws policy
        

   • Update the IAM policies using the AWS Management Console:

     1. Log in to your AWS Management Console.

     2. Verify that the controllers.cluster-api-provider-aws.kaas.mirantis.com role or another AWS role that you use for Container Cloud users contains the following permissions:

        "ec2:DescribeRegions", "ec2:DescribeInstanceTypes"
        

        Otherwise, add these permissions manually.

2. Proceed to updating your AWS-based managed clusters as described in Operations Guide: Update a managed cluster.