Merge pull request #3130 from catherineluse/eks-permissions

Update EKS permissions

content/rancher/v2.0-v2.4/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md

@@ -231,6 +231,7 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
             "Sid": "EC2Permisssions",
             "Effect": "Allow",
             "Action": [
+                "ec2:RunInstances",
                 "ec2:RevokeSecurityGroupIngress",
                 "ec2:RevokeSecurityGroupEgress",
                 "ec2:DescribeVpcs",
@@ -238,6 +239,8 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
                 "ec2:DescribeSubnets",
                 "ec2:DescribeSecurityGroups",
                 "ec2:DescribeRouteTables",
+                "ec2:DescribeLaunchTemplateVersions",
+                "ec2:DescribeLaunchTemplates",
                 "ec2:DescribeKeyPairs",
                 "ec2:DescribeInternetGateways",
                 "ec2:DescribeImages",
@@ -248,6 +251,8 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
                 "ec2:DeleteKeyPair",
                 "ec2:CreateTags",
                 "ec2:CreateSecurityGroup",
+                "ec2:CreateLaunchTemplateVersion",
+                "ec2:CreateLaunchTemplate",
                 "ec2:CreateKeyPair",
                 "ec2:AuthorizeSecurityGroupIngress",
                 "ec2:AuthorizeSecurityGroupEgress"

content/rancher/v2.5/en/quick-start-guide/deployment/microsoft-azure-qs/_index.md

@@ -39,7 +39,6 @@ Suggestions include:
     - `azure_location` - Microsoft Azure region, choose the closest instead of the default
     - `prefix` - Prefix for all created resources
     - `instance_type` - Compute instance size used, minimum is `Standard_DS2_v2` but `Standard_DS2_v3` or `Standard_DS3_v2` could be used if within budget
-    - `ssh_key_file_name` - Use a specific SSH key instead of `~/.ssh/id_rsa` (public key is assumed to be `${ssh_key_file_name}.pub`)
 
 1. Run `terraform init`.
 
@@ -56,7 +55,7 @@ Suggestions include:
     ```
 
 1. Paste the `rancher_server_url` from the output above into the browser. Log in when prompted (default username is `admin`, use the password set in `rancher_server_admin_password`).
-
+2. ssh to the Rancher Server using the `id_rsa` key generated in `quickstart/azure`.
 #### Result
 
 Two Kubernetes clusters are deployed into your Azure account, one running Rancher Server and the other ready for experimentation deployments.

content/rancher/v2.x/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md

@@ -518,6 +518,7 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
             "Sid": "EC2Permisssions",
             "Effect": "Allow",
             "Action": [
+                "ec2:RunInstances",
                 "ec2:RevokeSecurityGroupIngress",
                 "ec2:RevokeSecurityGroupEgress",
                 "ec2:DescribeVpcs",
@@ -525,6 +526,8 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
                 "ec2:DescribeSubnets",
                 "ec2:DescribeSecurityGroups",
                 "ec2:DescribeRouteTables",
+                "ec2:DescribeLaunchTemplateVersions",
+                "ec2:DescribeLaunchTemplates",
                 "ec2:DescribeKeyPairs",
                 "ec2:DescribeInternetGateways",
                 "ec2:DescribeImages",
@@ -535,6 +538,8 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
                 "ec2:DeleteKeyPair",
                 "ec2:CreateTags",
                 "ec2:CreateSecurityGroup",
+                "ec2:CreateLaunchTemplateVersion",
+                "ec2:CreateLaunchTemplate",
                 "ec2:CreateKeyPair",
                 "ec2:AuthorizeSecurityGroupIngress",
                 "ec2:AuthorizeSecurityGroupEgress"