From ff8a2642eda55b61f1f735808be0e3bfc7a6466b Mon Sep 17 00:00:00 2001
From: Rey Lejano <rlejano@gmail.com>
Date: Wed, 24 Mar 2021 08:09:09 -0700
Subject: [PATCH] update minimum eks permissions

---
 .../hosted-kubernetes-clusters/eks/_index.md                 | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/content/rancher/v2.5/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md b/content/rancher/v2.5/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md
index 103337c9c6e..92fab1a1bce 100644
--- a/content/rancher/v2.5/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md
+++ b/content/rancher/v2.5/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md
@@ -517,6 +517,7 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
             "Sid": "EC2Permisssions",
             "Effect": "Allow",
             "Action": [
+                "ec2:RunInstances",
                 "ec2:RevokeSecurityGroupIngress",
                 "ec2:RevokeSecurityGroupEgress",
                 "ec2:DescribeVpcs",
@@ -524,6 +525,8 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
                 "ec2:DescribeSubnets",
                 "ec2:DescribeSecurityGroups",
                 "ec2:DescribeRouteTables",
+                "ec2:DescribeLaunchTemplateVersions",
+                "ec2:DescribeLaunchTemplates",
                 "ec2:DescribeKeyPairs",
                 "ec2:DescribeInternetGateways",
                 "ec2:DescribeImages",
@@ -534,6 +537,8 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
                 "ec2:DeleteKeyPair",
                 "ec2:CreateTags",
                 "ec2:CreateSecurityGroup",
+                "ec2:CreateLaunchTemplateVersion",
+                "ec2:CreateLaunchTemplate",
                 "ec2:CreateKeyPair",
                 "ec2:AuthorizeSecurityGroupIngress",
                 "ec2:AuthorizeSecurityGroupEgress"