Uploaded image for project: 'Red Hat Advanced Cluster Management'
  1. Red Hat Advanced Cluster Management
  2. ACM-13572

Document the hubTemplateOptions.serviceAccountName option

XMLWordPrintable

    • False
    • None
    • False
    • None

      Note: Doc team updates the current version of the documentation and the
      two previous versions (n-2), but we address *only high-priority, or
      customer-reported issues* for -2 releases in support.
      Describe the changes in the doc and link to your dev story:

      1. - [x] Mandatory: Add the required version to the Fix version/s field.

      2. - [ ] Mandatory: Choose the type of documentation change or review.

      • [x] We need to update to an existing topic
      • [ ] We need to add a new document to an existing section
      • [ ] We need a whole new section; this is a function not
        documented before and doesn't belong in any current section
      • [ ] We need an Operator Advisory review and approval
      • [ ] We need a z-Stream (Errata) Advisory and Release note
        for MCE and/or ACM

      3. - [x] *Mandatory: *Use the following link to open the doc and find where the
      documentation update should go. Note: As the feature and doc is
      understood and developed, this placement decision may change:

      4. - [x] Mandatory for GA content:

      • [x] Add steps, the diff, known issue, and/or other important
        conceptual information in the following space:
      • [ ] *Add Required access level *(example, *Cluster
        Administrator*) for the user to complete the task:
      • [ ] Add verification at the end of the task, how does the user
        verify success (a command to run or a result to see?)

      5. - [x] Mandatory for bugs: What is the diff? Clearly define what the
      problem is, what the change is, and link to the current documentation. Only
      use this for a documentation bug.

       

      On the "Access control" row in the "Hub cluster" column, please adjust the wording to something similar to this:

          
      By default, you can only reference namespaced Kubernetes resources that are in the same namespace as the `Policy` object, and the `ManagedCluster` object of the cluster the policy is propagated to. Alternatively, you can specify the `spec.hubTemplateOptions.serviceAccountName` field in the `Policy` object to a service account in the same namespace as the the `Policy` resource. When specified, this service account is used for all Hub template lookups. Note that this service account needs to have `list` and `watch` permissions on any resource that is looked up in a hub template.

            rh-ee-ofischer Oliver Fischer
            mprahl Matthew Prahl
            Derek Ho Derek Ho
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: