-
Epic
-
Resolution: Done
-
Blocker
-
None
-
None
-
None
-
Deploy disconnected OpenShift cluster with STS
-
False
-
None
-
False
-
Not Selected
-
Done
-
OCPPLAN-5656 - AWS STS - Security Token Service
-
Impediment
-
0% To Do, 0% In Progress, 100% Done
-
If Release Note Needed, Set a Value
-
Approved
Goal
As a Infrastructure Administrator, I want to deploy OpenShift in a disconnected environment with STS on AWS.
Why does the customer need this?
- Regulated (FSI) customers want to deploy disconnected clusters with manual mode STS due to regulatory restrictions and policies.
Requirement
Setup an environment to validate the entire disconnected deployment (RFE-2652) using this ccoctl PR change, to ensure nothing else breaks.
Acceptance Criteria
- Make ccoctl sets STS endpoints to regional in AWS credentials secrets
- Installation completes successfully
- Image registry is available and operational
- Identify any limitations for operating OpenShift in a disconnected environment with STS.
Dependencies
Cloud Credentials Operator, Installer, Registry
Previous Work (Optional)
AWS was introduced in OCP 4.8. See CCO-21 (Support AWS Security Token Service) See CCO-114. Note: This Jira is created to ensure we have testing/CI coverage for disconnected scenario.
- depends on
-
CCO-257 Make ccoctl set sts endpoints to regional in AWS credentials secrets
- Closed
- is depended on by
-
CCO-300 Upgrade disconnected/restricted OpenShift cluster with STS on AWS
- Closed
- is related to
-
OCPBUGS-1629 Facing issue while configuring egress IP pool in OCP cluster which uses STS
- Closed
-
OCPBUGS-1830 Facing issue while configuring S3 ServiceEndpoint in OCP cluster which uses STS
- Closed