Value Statement

MCE CAPA customers such as Delta have strong requirement to use aws IAM roles for authenticating CAPA deployment with serviceAccount instead of using aws secret authentication. The IAM roles annotation must be updated in CAPA deployment here and CAPA serviceAccount here

Definition of Done for Engineering Story Owner (Checklist)

As MCE user after enabling CAPA feature I should be able to update the IAM role annotation in CAPA deploy & serviceAccount without MCE re-apply the default value empty string.
At same time MCE should be able to monitor CAPA deployment and update its image URL in case of z-stream upgrade.

Development Complete

• The code is complete.
• Functionality is working.
• Any required downstream Docker file changes are made.

Tests Automated

• [ ] Unit/function tests have been automated and incorporated into the
  build.
• [ ] 100% automated unit/function test coverage for new or changed APIs.

Secure Design

• [ ] Security has been assessed and incorporated into your threat model.

Multidisciplinary Teams Readiness

• [ ] Create an informative documentation issue using the Customer

Portal Doc template that you can access from [The Playbook](

https://docs.google.com/document/d/1YTqpZRH54Bnn4WJ2nZmjaCoiRtqmrc2w6DdQxe_yLZ8/edit#heading=h.9fvyr2rdriby),

and ensure doc acceptance criteria is met.

• Call out this sentence as it's own action:

• [ ] Link the development issue to the doc issue.

Support Readiness

• [ ] The must-gather script has been updated.