Merge pull request #48713 from xenolinux/encrypt-kms-installer

BZ2070625: Adds `kmsKeyARN` parameter to the table

Author: michaelryanpeter

modules/installation-configuration-parameters.adoc

@@ -691,6 +691,10 @@ Optional AWS configuration parameters are described in the following table:
 |Valid link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html[AWS EBS volume type],
 such as `io1`.
 
+|`compute.platform.aws.rootVolume.kmsKeyARN`
+|The Amazon Resource Name (key ARN) of a KMS key. This is required to encrypt OS volumes of worker nodes with a specific KMS key.
+|Valid link:https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html[key ID or the key ARN].
+
 |`compute.platform.aws.type`
 |The EC2 instance type for the compute machines.
 |Valid AWS instance type, such as `m4.2xlarge`. See the *Supported AWS machine types* table that follows.
@@ -707,7 +711,7 @@ link:https://yaml.org/spec/1.2/spec.html#sequence//[YAML sequence].
 [source,terminal]
 ----
 aws ec2 describe-instance-type-offerings --filters Name=instance-type,Values=c7g.xlarge
----- 
+----
 ifndef::openshift-origin[]
 [IMPORTANT]
 ====
@@ -724,6 +728,10 @@ endif::openshift-origin[]
 |A pre-existing AWS IAM role applied to the control plane machine pool instance profiles. You can use these fields to match naming schemes and include predefined permissions boundaries for your IAM roles. If undefined, the installation program creates a new IAM role.
 |The name of a valid AWS IAM role.
 
+|`controlPlane.platform.aws.rootVolume.kmsKeyARN`
+|The Amazon Resource Name (key ARN) of a KMS key. This is required to encrypt OS volumes of control plane nodes with a specific KMS key.
+|Valid link:https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html[key ID and the key ARN].
+
 |`controlPlane.platform.aws.type`
 |The EC2 instance type for the control plane machines.
 |Valid AWS instance type, such as `m6i.xlarge`. See the *Supported AWS machine types* table that follows.