Skip to content

Commit 16db88d

Browse files
committed
[Security] Add permissions to create/delete service linked roles created by ELB and ASG.
These permissions are required to create clusters with login nodes. Signed-off-by: Giacomo Marciani <mgiacomo@amazon.com>
1 parent 77bb3ce commit 16db88d

File tree

2 files changed

+3
-0
lines changed

2 files changed

+3
-0
lines changed

CHANGELOG.md

+1
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ CHANGELOG
1212
**BUG FIXES**
1313
- When mounting an external OpenZFS, it is no longer required to set the outbound rules for ports 111, 2049, 20001, 20002, 20003.
1414
- Fix an issue where changes in sequence of custom actions scripts were not detected during cluster updates.
15+
- Add missing permissions for ParallelCluster API to create the service linked roles for Elastic Load Balancing and Auto Scaling, that are required to deploy login nodes.
1516

1617
3.11.1
1718
------

cloudformation/policies/parallelcluster-policies.yaml

+2
Original file line numberDiff line numberDiff line change
@@ -489,6 +489,8 @@ Resources:
489489
iam:AWSServiceName:
490490
- fsx.amazonaws.com
491491
- s3.data-source.lustre.fsx.amazonaws.com
492+
- elasticloadbalancing.amazonaws.com
493+
- autoscaling.amazonaws.com
492494
- Action:
493495
- lambda:CreateFunction
494496
- lambda:TagResource

0 commit comments

Comments
 (0)