OCPBUGS-31017: aws: add ec2:DisassociateAddress permission

When publish == "External", the bootstrap VM will be assigned an EIP.
During bootstrap destroy, the `terraform-provider-aws` code might call
`DisassociateAddress` on the EIP before deleting the instance.

Author: r4f4

pkg/asset/installconfig/aws/permissions.go

@@ -232,6 +232,8 @@ var permissions = map[PermissionGroup][]string{
 		"ec2:DeleteVpc",
 		"ec2:DeleteVpcEndpoints",
 		"ec2:DetachInternetGateway",
+		// Needed by terraform when EIPs are created
+		"ec2:DisassociateAddress",
 		"ec2:DisassociateRouteTable",
 		"ec2:ReleaseAddress",
 		"ec2:ReplaceRouteTableAssociation",