From be837e7f5ede4b21a911bbbef27e42f278164876 Mon Sep 17 00:00:00 2001
From: Catherine Luse <catherine.luse@gmail.com>
Date: Thu, 25 Mar 2021 20:47:19 -0700
Subject: [PATCH] Modify EKS permissions #3127

---
 .../hosted-kubernetes-clusters/eks/_index.md                 | 5 +++++
 .../hosted-kubernetes-clusters/eks/_index.md                 | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/content/rancher/v2.0-v2.4/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md b/content/rancher/v2.0-v2.4/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md
index 3d2bac5a6c4..4bbe6983d39 100644
--- a/content/rancher/v2.0-v2.4/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md
+++ b/content/rancher/v2.0-v2.4/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md
@@ -231,6 +231,7 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
             "Sid": "EC2Permisssions",
             "Effect": "Allow",
             "Action": [
+                "ec2:RunInstances",
                 "ec2:RevokeSecurityGroupIngress",
                 "ec2:RevokeSecurityGroupEgress",
                 "ec2:DescribeVpcs",
@@ -238,6 +239,8 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
                 "ec2:DescribeSubnets",
                 "ec2:DescribeSecurityGroups",
                 "ec2:DescribeRouteTables",
+                "ec2:DescribeLaunchTemplateVersions",
+                "ec2:DescribeLaunchTemplates",
                 "ec2:DescribeKeyPairs",
                 "ec2:DescribeInternetGateways",
                 "ec2:DescribeImages",
@@ -248,6 +251,8 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
                 "ec2:DeleteKeyPair",
                 "ec2:CreateTags",
                 "ec2:CreateSecurityGroup",
+                "ec2:CreateLaunchTemplateVersion",
+                "ec2:CreateLaunchTemplate",
                 "ec2:CreateKeyPair",
                 "ec2:AuthorizeSecurityGroupIngress",
                 "ec2:AuthorizeSecurityGroupEgress"
diff --git a/content/rancher/v2.x/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md b/content/rancher/v2.x/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md
index 1c793684ff9..96145e9268d 100644
--- a/content/rancher/v2.x/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md
+++ b/content/rancher/v2.x/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md
@@ -518,6 +518,7 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
             "Sid": "EC2Permisssions",
             "Effect": "Allow",
             "Action": [
+                "ec2:RunInstances",
                 "ec2:RevokeSecurityGroupIngress",
                 "ec2:RevokeSecurityGroupEgress",
                 "ec2:DescribeVpcs",
@@ -525,6 +526,8 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
                 "ec2:DescribeSubnets",
                 "ec2:DescribeSecurityGroups",
                 "ec2:DescribeRouteTables",
+                "ec2:DescribeLaunchTemplateVersions",
+                "ec2:DescribeLaunchTemplates",
                 "ec2:DescribeKeyPairs",
                 "ec2:DescribeInternetGateways",
                 "ec2:DescribeImages",
@@ -535,6 +538,8 @@ Resource targeting uses `*` as the ARN of many of the resources created cannot b
                 "ec2:DeleteKeyPair",
                 "ec2:CreateTags",
                 "ec2:CreateSecurityGroup",
+                "ec2:CreateLaunchTemplateVersion",
+                "ec2:CreateLaunchTemplate",
                 "ec2:CreateKeyPair",
                 "ec2:AuthorizeSecurityGroupIngress",
                 "ec2:AuthorizeSecurityGroupEgress"