Article number
000003286
Affected Versions
All
Source Hypervisor
AWS
Target Hypervisor
All

ZCA 7.5 Install Or Upgrade Fails For “There Was An Error Getting The AWS IAM Role Permissions”

Viewed 130 times

Root Cause

The IAM Role attached to the ZCA is missing a policy or the Role has a policy but the following 3 permissions are missing:

iam:GetPolicyVersion
iam:ListAttachedRolePolicies
iam:ListPolicyVersions

These 3 permissions are required for the ZCA to validate all of the other minimum required permissions so if any one is not included in the IAM Role, the error is presented.

Symptoms

When attempting to upgrade or install a ZCA in AWS running 7.5, the following error is presented:


User-added image

Solution

Add the following permissions to the ZCA's IAM Role and try again:

iam:GetPolicyVersion
iam:ListAttachedRolePolicies
iam:ListPolicyVersions