From 6f9176e8c70a81ea2df943000961602cb4bb649c Mon Sep 17 00:00:00 2001 From: barbacbd Date: Thu, 13 Nov 2025 15:52:39 -0500 Subject: [PATCH] OCPBUGS-63305: Make SimulatePrincipalPolicy optional Removing SimulatePrincipalPolicy as a required permission for Mint and Passthrough modes. Instead it will be required when a credential mode is not set. --- pkg/asset/installconfig/aws/permissions.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/pkg/asset/installconfig/aws/permissions.go b/pkg/asset/installconfig/aws/permissions.go index 42734e1e34..4fe4ca9b6b 100644 --- a/pkg/asset/installconfig/aws/permissions.go +++ b/pkg/asset/installconfig/aws/permissions.go @@ -173,7 +173,6 @@ var permissions = map[PermissionGroup][]string{ "iam:ListRoles", "iam:ListUsers", "iam:PassRole", - "iam:SimulatePrincipalPolicy", "iam:TagInstanceProfile", "iam:TagRole", @@ -375,7 +374,6 @@ var permissions = map[PermissionGroup][]string{ PermissionPassthroughCreds: { // so we can query whether we have the below list of creds "iam:GetUser", - "iam:SimulatePrincipalPolicy", // openshift-ingress "elasticloadbalancing:DescribeLoadBalancers",