docs: add IAM requirement for UserApiKeyCreator (#701)

toddgiguere · web-flow · commit 89a91b13f3b2 · 2025-06-03T14:59:08.000-04:00
diff --git a/README.md b/README.md
@@ -218,6 +218,8 @@ You need the following permissions to run this module.
   - **VPC Infrastructure** service
     - `Administrator` platform access
     - `Manager` service access
+  - **IAM Identity Service** service
+    - `User API key creator` service access
 
 Optionally, you need the following permissions to attach Access Management tags to resources in this module.
 
diff --git a/ibm_catalog.json b/ibm_catalog.json
@@ -56,9 +56,11 @@
           "iam_permissions": [
             {
               "role_crns": [
-                "crn:v1:bluemix:public:iam::::role:Administrator"
+                "crn:v1:bluemix:public:iam::::role:Administrator",
+                "crn:v1:bluemix:public:iam-identity::::serviceRole:UserApiKeyCreator"
               ],
-              "service_name": "iam-identity"
+              "service_name": "iam-identity",
+              "notes": "Allows IBM Cloud OpenShift to create the containers-kubernetes-key required by the service"
             },
             {
               "role_crns": [

Original file line number	Diff line number	Diff line change
`@@ -56,9 +56,11 @@`
`56`	`56`	`"iam_permissions": [`
`57`	`57`	`{`
`58`	`58`	`"role_crns": [`
`59`		`- "crn:v1:bluemix:public:iam::::role:Administrator"`
	`59`	`+ "crn:v1:bluemix:public:iam::::role:Administrator",`
	`60`	`+ "crn:v1:bluemix:public:iam-identity::::serviceRole:UserApiKeyCreator"`
`60`	`61`	`],`
`61`		`- "service_name": "iam-identity"`
	`62`	`+ "service_name": "iam-identity",`
	`63`	`+ "notes": "Allows IBM Cloud OpenShift to create the containers-kubernetes-key required by the service"`
`62`	`64`	`},`
`63`	`65`	`{`
`64`	`66`	`"role_crns": [`