@@ -525,8 +525,9 @@ spec:
525525 - name
526526 type : object
527527 installerRoleARN :
528- description : InstallerRoleARN is an AWS IAM role that OpenShift Cluster
529- Manager will assume to create the cluster..
528+ description : |-
529+ InstallerRoleARN is an AWS IAM role that OpenShift Cluster Manager will assume to create the cluster.
530+ Required if RosaRoleConfigRef is not specified.
530531type : string
531532 network :
532533 description : Network config for the ROSA HCP cluster.
@@ -560,7 +561,9 @@ spec:
560561 type : string
561562 type : object
562563 oidcID :
563- description : The ID of the internal OpenID Connect Provider.
564+ description : |-
565+ The ID of the internal OpenID Connect Provider.
566+ Required if RosaRoleConfigRef is not specified.
564567type : string
565568 x-kubernetes-validations :
566569 - message : oidcID is immutable
@@ -576,8 +579,9 @@ spec:
576579 description : The AWS Region the cluster lives in.
577580 type : string
578581 rolesRef :
579- description : AWS IAM roles used to perform credential requests by
580- the openshift operators.
582+ description : |-
583+ AWS IAM roles used to perform credential requests by the openshift operators.
584+ Required if RosaRoleConfigRef is not specified.
581585properties :
582586 controlPlaneOperatorARN :
583587 description : " ControlPlaneOperatorARN is an ARN value referencing
@@ -777,6 +781,22 @@ spec:
777781 x-kubernetes-validations :
778782 - message : rosaClusterName is immutable
779783 rule : self == oldSelf
784+ rosaRoleConfigRef :
785+ description : |-
786+ RosaRoleConfigRef is a reference to a RosaRoleConfig resource that contains account roles, operator roles and OIDC configuration.
787+ RosaRoleConfigRef and role fields such as installerRoleARN, supportRoleARN, workerRoleARN, rolesRef and oidcID are mutually exclusive.
788+ properties :
789+ name :
790+ default : " "
791+ description : |-
792+ Name of the referent.
793+ This field is effectively required, but due to backwards compatibility is
794+ allowed to be empty. Instances of this type with an empty value here are
795+ almost certainly wrong.
796+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
797+ type : string
798+ type : object
799+ x-kubernetes-map-type : atomic
780800 subnets :
781801 description : |-
782802 The Subnet IDs to use when installing the cluster.
@@ -788,6 +808,7 @@ spec:
788808 description : |-
789809 SupportRoleARN is an AWS IAM role used by Red Hat SREs to enable
790810 access to the cluster account in order to provide support.
811+ Required if RosaRoleConfigRef is not specified.
791812type : string
792813 version :
793814 description : OpenShift semantic version, for example "4.14.5".
@@ -806,22 +827,18 @@ spec:
806827 - AlwaysAcknowledge
807828 type : string
808829 workerRoleARN :
809- description : WorkerRoleARN is an AWS IAM role that will be attached
810- to worker instances.
830+ description : |-
831+ WorkerRoleARN is an AWS IAM role that will be attached to worker instances.
832+ Required if RosaRoleConfigRef is not specified.
811833type : string
812834 required :
813835 - availabilityZones
814836 - channelGroup
815- - installerRoleARN
816- - oidcID
817837 - region
818- - rolesRef
819838 - rosaClusterName
820839 - subnets
821- - supportRoleARN
822840 - version
823841 - versionGate
824- - workerRoleARN
825842 type : object
826843 status :
827844 description : RosaControlPlaneStatus defines the observed state of ROSAControlPlane.
0 commit comments