Merge pull request #78211 from EricPonvelle/TF-Post-Merge-Fixes

Terraform Post-Merge Clean-up

Author: EricPonvelle

_topic_maps/_topic_map_rosa.yml

@@ -231,8 +231,6 @@ Topics:
   Topics:
   - Name: Creating a default ROSA cluster using Terraform
     File: rosa-hcp-creating-a-cluster-quickly-terraform
-#  - Name: Customizing a ROSA cluster with Terraform
-#    File: rosa-hcp-creating-a-cluster-with-customizations-terraform
 - Name: Creating ROSA with HCP clusters using a custom AWS KMS encryption key
   File: rosa-hcp-creating-cluster-with-aws-kms-key
 - Name: Creating a private cluster on ROSA with HCP
@@ -258,8 +256,6 @@ Topics:
   Topics:
   - Name: Creating a default ROSA (classic architecture) cluster using Terraform
     File: rosa-classic-creating-a-cluster-quickly-terraform
-#  - Name: Customizing a ROSA cluster with Terraform
-#    File: rosa-classic-creating-a-cluster-with-customizations-terraform
 - Name: Interactive cluster creation mode reference
   File: rosa-sts-interactive-mode-reference
 - Name: Creating an AWS PrivateLink cluster on ROSA

modules/rosa-sts-overview-of-the-default-cluster-specifications.adoc

@@ -8,20 +8,20 @@ ifeval::["{context}" == "rosa-hcp-sts-creating-a-cluster-quickly"]
 :rosa-hcp:
 endif::[]
 ifeval::["{context}" == "rosa-sts-creating-a-cluster-quickly"]
-:rosa-standalone:
+:rosa-classic:
 endif::[]
 ifeval::["{context}" == "rosa-classic-creating-a-cluster-quickly-terraform"]
-:rosa-terraform:
+:tf-classic:
 endif::[]
 ifeval::["{context}" == "rosa-hcp-creating-a-cluster-quickly-terraform"]
-:rosa-terraform:
+:tf-hcp:
 endif::[]
 
 :_mod-docs-content-type: CONCEPT
 [id="rosa-sts-overview-of-the-default-cluster-specifications_{context}"]
 = Overview of the default cluster specifications
 
-ifndef::rosa-terraform[]
+ifndef::tf-classic,tf-hcp[]
 You can quickly create a
 ifdef::rosa-hcp[]
 {hcp-title}
@@ -30,14 +30,14 @@ ifndef::rosa-hcp[]
 {product-title} (ROSA)
 endif::rosa-hcp[]
 cluster with the {sts-first} by using the default installation options. The following summary describes the default cluster specifications.
-endif::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
 
 ifdef::rosa-hcp[]
 .Default {hcp-title} cluster specifications
 endif::rosa-hcp[]
-ifdef::rosa-standalone[]
+ifdef::rosa-classic[]
 .Default ROSA with STS cluster specifications
-endif::rosa-standalone[]
+endif::rosa-classic[]
 
 [cols=".^1,.^3a",options="header"]
 |===
@@ -47,23 +47,23 @@ endif::rosa-standalone[]
 
 |Accounts and roles
 |
-ifdef::rosa-terraform[]
+ifdef::tf-classic,tf-hcp[]
 * Default IAM role prefix: `rosa-<6-digit-alphanumeric-string>`
-endif::rosa-terraform[]
-ifndef::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
+ifndef::tf-classic,tf-hcp[]
 * Default IAM role prefix: `ManagedOpenShift`
-endif::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
 * No cluster admin role created
 
 |Cluster settings
 |
-ifdef::rosa-terraform[]
+ifdef::tf-classic,tf-hcp[]
 * Default cluster version: `4.14`
 * Cluster name: `rosa-<6-digit-alphanumeric-string>`
 * Default AWS region for installations using the {cluster-manager-first} {hybrid-console-second}: us-east-2 (US East, Ohio)
 * Availability: Multi zone for the data plane
-endif::rosa-terraform[]
-ifndef::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
+ifndef::tf-classic,tf-hcp[]
 * Default cluster version: Latest
 ifndef::rosa-hcp[]
 * Default AWS region for installations using the {cluster-manager-first} {hybrid-console-second}: us-east-1 (US East, North Virginia)
@@ -72,62 +72,69 @@ ifdef::rosa-hcp[]
 * Default AWS region for installations using the ROSA CLI (`rosa`): Defined by your `aws` CLI configuration
 endif::rosa-hcp[]
 * Availability: Single zone for the data plane
-endif::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
+ifndef::rosa-hcp,tf-hcp[]
 * Default EC2 IMDS endpoints (both v1 and v2) are enabled
+endif::rosa-hcp,tf-hcp[]
 * Monitoring for user-defined projects: Enabled
 
 |Encryption
 |* Cloud storage is encrypted at rest
 * Additional etcd encryption is not enabled
+ifndef::rosa-hcp,tf-hcp[]
 * The default AWS Key Management Service (KMS) key is used as the encryption key for persistent data
+endif::rosa-hcp,tf-hcp[]
+ifdef::rosa-hcp,tf-hcp[]
+* AWS Key Management Service (KMS) key encryption is not enabled by default.
+endif::rosa-hcp,tf-hcp[]
 
-ifndef::rosa-hcp[]
+ifndef::rosa-hcp,tf-hcp[]
 |Control plane node configuration
 |* Control plane node instance type: m5.2xlarge (8 vCPU, 32 GiB RAM)
 * Control plane node count: 3
 
 |Infrastructure node configuration
 |* Infrastructure node instance type: r5.xlarge (4 vCPU, 32 GiB RAM)
 * Infrastructure node count: 2
-endif::rosa-hcp[]
+endif::rosa-hcp,tf-hcp[]
 
 |Compute node machine pool
 |* Compute node instance type: m5.xlarge (4 vCPU 16, GiB RAM)
-ifndef::rosa-terraform[]
+ifndef::tf-classic,tf-hcp[]
 * Compute node count: 2
-endif::rosa-terraform[]
-ifdef::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
+ifdef::tf-classic,tf-hcp[]
 * Compute node count: 3
-endif::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
 * Autoscaling: Not enabled
 * No additional node labels
 
 |Networking configuration
 |
-ifndef::rosa-terraform[]
+ifndef::tf-classic,tf-hcp[]
 * Cluster privacy: Public
-endif::rosa-terraform[]
-ifdef::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
+ifdef::tf-classic,tf-hcp[]
 * Cluster privacy: public or private
 * You can choose to create a new VPC during the Terraform cluster creation process.
-endif::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
 ifdef::rosa-hcp[]
 * You must have configured your own Virtual Private Cloud (VPC)
 endif::rosa-hcp[]
 * No cluster-wide proxy is configured
 
 |Classless Inter-Domain Routing (CIDR) ranges
 |
-ifdef::rosa-terraform[]
+ifdef::tf-classic,tf-hcp[]
 * Machine CIDR: 10.0.0.0/16
 * Service CIDR: 172.30.0.0/16
 * Pod CIDR: 10.128.0.0/14
-endif::rosa-terraform[]
-ifndef::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
+ifndef::tf-classic,tf-hcp[]
 * Machine CIDR: 10.0.0.0/16
 * Service CIDR: 172.30.0.0/16
 * Pod CIDR: 10.128.0.0/16
-endif::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
 * Host prefix: /23
 +
 ifdef::rosa-hcp[]
@@ -144,12 +151,12 @@ endif::rosa-hcp[]
 ====
 For installations that use {cluster-manager} on the {hybrid-console-second}, the `auto` mode requires an admin-privileged {cluster-manager} role.
 ====
-ifdef::rosa-terraform[]
+ifdef::tf-classic,tf-hcp[]
 * Default Operator role prefix: `rosa-<6-digit-alphanumeric-string>`
-endif::rosa-terraform[]
-ifndef::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
+ifndef::tf-classic,tf-hcp[]
 * Default Operator role prefix: `<cluster_name>-<4_digit_random_string>`
-endif::rosa-terraform[]
+endif::tf-classic,tf-hcp[]
 
 |Cluster update strategy
 |* Individual updates
@@ -161,8 +168,11 @@ ifeval::["{context}" == "rosa-hcp-sts-creating-a-cluster-quickly"]
 :!rosa-hcp:
 endif::[]
 ifeval::["{context}" == "rosa-sts-creating-a-cluster-quickly"]
-:!rosa-standalone:
+:!rosa-classic:
 endif::[]
 ifeval::["{context}" == "rosa-classic-creating-a-cluster-quickly-terraform"]
-:!rosa-terraform:
+:!tf-classic:
+endif::[]
+ifeval::["{context}" == "rosa-hcp-creating-a-cluster-quickly-terraform"]
+:!tf-hcp:
 endif::[]

modules/rosa-sts-terraform-prerequisites.adoc

@@ -1,41 +1,19 @@
 // Module included in the following assemblies:
 //
 // * rosa_planning/rosa-understanding-terraform.adoc
-ifeval::["{context}" == "rosa-understanding-terraform"]
-:tf-full:
-endif::[]
 
 :_mod-docs-content-type: CONCEPT
 [id="rosa-sts-terraform-prerequisites_{context}"]
-ifdef::tf-full[]
-= Prerequisites for Terraform
-endif::tf-full[]
-ifndef::tf-full[]
 .Prerequisites
-endif::tf-full[]
 
 To use link:https://registry.terraform.io/providers/terraform-redhat/rhcs/latest/docs[the Red{nbsp}Hat Cloud Services provider] inside your Terraform configuration, you must meet the following prerequisites:
 
 * You have installed the {product-title} (ROSA) command-line interface (CLI) tool.
-ifdef::tf-full[]
-+
-See the Additional resources for further installation instructions.
-endif::tf-full[]
 * You have your offline link:https://console.redhat.com/openshift/token/rosa[{cluster-manager-first} token].
-ifdef::tf-full[]
-+
-This token is generated through the Red{nbsp}Hat Hybrid Cloud Console. It is unique to your account and should not be shared. The token is generated based off your account access and permissions.
-endif::tf-full[]
 * You have installed link:https://developer.hashicorp.com/terraform/downloads[Terraform version 1.4.6] or newer.
-ifdef::tf-full[]
-+
-You must have Terraform configured for your local system. The Terraform website contains installation options for MacOS, Windows, and Linux.
-endif::tf-full[]
-ifndef::tf-full[]
 * You have created your AWS account-wide IAM roles.
 +
 The specific account-wide IAM roles and policies provide the STS permissions required for ROSA support, installation, control plane, and compute functionality. This includes account-wide Operator policies. See the Additional resources for more information on the AWS account roles.
-endif::tf-full[]
 * You have an link:https://aws.amazon.com/free/?all-free-tier[AWS account] and link:https://docs.aws.amazon.com/IAM/latest/UserGuide/security-creds.html[associated credentials] that allow you to create resources. The credentials are configured for the AWS provider. See the link:https://registry.terraform.io/providers/hashicorp/aws/latest/docs#authentication-and-configuration[Authentication and Configuration] section in AWS Terraform provider documentation.
 * You have, at minimum, the following permissions in your AWS IAM role policy that is operating Terraform. Check for these permissions in the AWS console.
 +
@@ -108,7 +86,4 @@ endif::tf-full[]
   ]
 }
 ----
-====
-ifeval::["{context}" == "rosa-understanding-terraform"]
-:!tf-full:
-endif::[]
+====

rosa_hcp/terraform/rosa-hcp-creating-a-cluster-quickly-terraform.adoc

@@ -30,4 +30,9 @@ The cluster creation process outlined below shows how to use Terraform to create
 include::modules/rosa-sts-cluster-terraform-setup.adoc[leveloffset=+2]
 include::modules/rosa-hcp-cluster-terraform-file-creation.adoc[leveloffset=+2]
 include::modules/rosa-sts-cluster-terraform-execute.adoc[leveloffset=+2]
-include::modules/rosa-sts-cluster-terraform-destroy.adoc[leveloffset=+2]
+include::modules/rosa-sts-cluster-terraform-destroy.adoc[leveloffset=+2]
+
+[role="_additional-resources"]
+[id="additional-resources_rosa-hcp-creating-a-cluster-quickly-terraform"]
+== Additional resources
+* xref:../../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-account-wide-roles-and-policies_rosa-sts-about-iam-resources[Account-wide IAM role and policy reference]

rosa_hcp/terraform/rosa-hcp-creating-a-cluster-with-customizations-terraform.adoc

@@ -29,4 +29,9 @@ The cluster creation process outlined below shows how to use Terraform to create
 include::modules/rosa-sts-cluster-terraform-setup.adoc[leveloffset=+2]
 include::modules/rosa-classic-cluster-terraform-file-creation.adoc[leveloffset=+2]
 include::modules/rosa-sts-cluster-terraform-execute.adoc[leveloffset=+2]
-include::modules/rosa-sts-cluster-terraform-destroy.adoc[leveloffset=+2]
+include::modules/rosa-sts-cluster-terraform-destroy.adoc[leveloffset=+2]
+
+[role="_additional-resources"]
+[id="additional-resources_rosa-classic-creating-a-cluster-quickly-terraform"]
+== Additional resources
+* xref:../../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-account-wide-roles-and-policies_rosa-sts-about-iam-resources[Account-wide IAM role and policy reference]