From d1af56fd26a8e4840c16e741c542bc0d91ce921c Mon Sep 17 00:00:00 2001
From: Chris Soyars
Date: Fri, 15 Mar 2024 10:44:50 -0700
Subject: [PATCH] Allow associating additional CIDR blocks to VPC (#26)

* Allow associating additional VPC CIDR blocks to VPC
* Also add to provisioner
---
 union-ai-admin/aws/gen/unionai-provisioner-role.template.yaml | 1 +
 union-ai-admin/aws/script/generate.py | 1 +
 union-ai-admin/aws/union-ai-admin-role.template.yaml | 1 +
 3 files changed, 3 insertions(+)

diff --git a/union-ai-admin/aws/gen/unionai-provisioner-role.template.yaml b/union-ai-admin/aws/gen/unionai-provisioner-role.template.yaml
index e9cd775..22422b4 100644
--- a/union-ai-admin/aws/gen/unionai-provisioner-role.template.yaml
+++ b/union-ai-admin/aws/gen/unionai-provisioner-role.template.yaml
@@ -78,6 +78,7 @@ Resources:
 - ec2:DeleteFlowLogs
 - ec2:CreateFlowLogs
 - ec2:CreateVpc
+ - ec2:AssociateVpcCidrBlock
 - ec2:ReleaseAddress
 - ec2:CreateTags
 - ec2:RunInstances
diff --git a/union-ai-admin/aws/script/generate.py b/union-ai-admin/aws/script/generate.py
index 8ad4784..6dc0610 100644
--- a/union-ai-admin/aws/script/generate.py
+++ b/union-ai-admin/aws/script/generate.py
@@ -546,6 +546,7 @@ def create_provisioner_policy(role_type):
 Action("ec2", "DeleteFlowLogs"),
 Action("ec2", "CreateFlowLogs"),
 Action("ec2", "CreateVpc"),
+ Action("ec2", "AssociateVpcCidrBlock"),
 Action("ec2", "ReleaseAddress"),
 Action("ec2", "CreateTags"),
 Action("ec2", "RunInstances"),
diff --git a/union-ai-admin/aws/union-ai-admin-role.template.yaml b/union-ai-admin/aws/union-ai-admin-role.template.yaml
index d878832..3da7949 100644
--- a/union-ai-admin/aws/union-ai-admin-role.template.yaml
+++ b/union-ai-admin/aws/union-ai-admin-role.template.yaml
@@ -187,6 +187,7 @@ Resources:
 - 'ec2:DeleteVpc'
 - 'ec2:CreateSubnet'
 - 'ec2:DescribeVpcAttribute'
+ - 'ec2:AssociateVpcCidrBlock'
 Resource:
 - !Sub 'arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:vpc/*'
 - Sid: VisualEditor9
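Review bot: The resource scope for the new `Action("ec2", "AssociateVpcCidrBlock")` entry in `create_provisioner_policy` cannot be checked from this hunk, because the statement's resource and condition lie outside it; the entry sits in the same list as `CreateVpc` and `RunInstances`. If that statement uses a wildcard resource, the provisioner role could extend the address space of any VPC in the account. In that case consider moving this one action into a statement limited to VPC ARNs, as the admin role template does with `vpc/*`. A short comment on the entry, such as `# attach secondary CIDR blocks to the provisioned VPC`, would record why the permission exists. The generated `gen/unionai-provisioner-role.template.yaml` hunk carries the same scope question.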
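Review bot: `ec2:AssociateVpcCidrBlock` is granted on `vpc/*`, which covers every VPC in the account and region, and no `Condition` is visible in the hunk (the statement begins above it, so one may exist there). Adding address space to an unrelated VPC can change what it is able to route to, so if the VPCs this role manages carry an identifying tag, a condition on `aws:ResourceTag/<tag-key>` (placeholder key) would confine the action to them. The matching `ec2:DisassociateVpcCidrBlock` is not added in any of the three files. If removing a secondary block is meant to work through this role, that action is needed as well.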