From d504acfec5728de4192099ed5b40cee8bf1d47b3 Mon Sep 17 00:00:00 2001
From: Joel Diaz <jdiaz@redhat.com>
Date: Wed, 27 Feb 2019 17:40:04 -0500
Subject: [PATCH] add ec2:CopyImage as a required permission

latest master branch cluster installs failing with:

ERROR
ERROR Error: Error applying plan:
ERROR
ERROR 1 error occurred:
ERROR     * aws_ami_copy.main: 1 error occurred:
ERROR     * aws_ami_copy.main: UnauthorizedOperation: You are not authorized to perform this operation.
ERROR     status code: 403, request id: 96aa0046-aea7-447f-b03d-3dd5550e1dc9
ERROR

this was resolved by granting the AWS user the ec2:CopyImage permission/capability. add ec2:CopyImage to the pre-flight permission checks.
---
 pkg/asset/installconfig/aws/permissions.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pkg/asset/installconfig/aws/permissions.go b/pkg/asset/installconfig/aws/permissions.go
index b3b86ce06c3..08b46298024 100644
--- a/pkg/asset/installconfig/aws/permissions.go
+++ b/pkg/asset/installconfig/aws/permissions.go
@@ -20,6 +20,7 @@ var installPermissions = []string{
 	"ec2:AttachInternetGateway",
 	"ec2:AuthorizeSecurityGroupEgress",
 	"ec2:AuthorizeSecurityGroupIngress",
+	"ec2:CopyImage",
 	"ec2:CreateDhcpOptions",
 	"ec2:CreateInternetGateway",
 	"ec2:CreateNatGateway",