@@ -524,8 +524,9 @@ spec:
524524 - name
525525 type : object
526526 installerRoleARN :
527- description : InstallerRoleARN is an AWS IAM role that OpenShift Cluster
528- Manager will assume to create the cluster..
527+ description : |-
528+ InstallerRoleARN is an AWS IAM role that OpenShift Cluster Manager will assume to create the cluster.
529+ Required if RosaRoleConfigRef is not specified.
529530type : string
530531 network :
531532 description : Network config for the ROSA HCP cluster.
@@ -559,7 +560,9 @@ spec:
559560 type : string
560561 type : object
561562 oidcID :
562- description : The ID of the internal OpenID Connect Provider.
563+ description : |-
564+ The ID of the internal OpenID Connect Provider.
565+ Required if RosaRoleConfigRef is not specified.
563566type : string
564567 x-kubernetes-validations :
565568 - message : oidcID is immutable
@@ -575,8 +578,9 @@ spec:
575578 description : The AWS Region the cluster lives in.
576579 type : string
577580 rolesRef :
578- description : AWS IAM roles used to perform credential requests by
579- the openshift operators.
581+ description : |-
582+ AWS IAM roles used to perform credential requests by the openshift operators.
583+ Required if RosaRoleConfigRef is not specified.
580584properties :
581585 controlPlaneOperatorARN :
582586 description : " ControlPlaneOperatorARN is an ARN value referencing
@@ -776,6 +780,22 @@ spec:
776780 x-kubernetes-validations :
777781 - message : rosaClusterName is immutable
778782 rule : self == oldSelf
783+ rosaRoleConfigRef :
784+ description : |-
785+ RosaRoleConfigRef is a reference to a RosaRoleConfig resource that contains account and operator roles and OIDC configuration.
786+ If specified, the roles and OIDC configuration will be taken from the referenced RosaRoleConfig instead of the direct fields.
787+ properties :
788+ name :
789+ default : " "
790+ description : |-
791+ Name of the referent.
792+ This field is effectively required, but due to backwards compatibility is
793+ allowed to be empty. Instances of this type with an empty value here are
794+ almost certainly wrong.
795+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
796+ type : string
797+ type : object
798+ x-kubernetes-map-type : atomic
779799 subnets :
780800 description : |-
781801 The Subnet IDs to use when installing the cluster.
@@ -787,6 +807,7 @@ spec:
787807 description : |-
788808 SupportRoleARN is an AWS IAM role used by Red Hat SREs to enable
789809 access to the cluster account in order to provide support.
810+ Required if RosaRoleConfigRef is not specified.
790811type : string
791812 version :
792813 description : OpenShift semantic version, for example "4.14.5".
@@ -805,22 +826,18 @@ spec:
805826 - AlwaysAcknowledge
806827 type : string
807828 workerRoleARN :
808- description : WorkerRoleARN is an AWS IAM role that will be attached
809- to worker instances.
829+ description : |-
830+ WorkerRoleARN is an AWS IAM role that will be attached to worker instances.
831+ Required if RosaRoleConfigRef is not specified.
810832type : string
811833 required :
812834 - availabilityZones
813835 - channelGroup
814- - installerRoleARN
815- - oidcID
816836 - region
817- - rolesRef
818837 - rosaClusterName
819838 - subnets
820- - supportRoleARN
821839 - version
822840 - versionGate
823- - workerRoleARN
824841 type : object
825842 status :
826843 description : RosaControlPlaneStatus defines the observed state of ROSAControlPlane.
0 commit comments