Requirement

This is a request to add a check for the existence of a linked user role before leaving the Accounts and roles page in the ROSA install UI.

Problem description

If one user creates the AWS account-wide roles, the OCM role and their own user role when they create a ROSA cluster using the UI, another user in the same Red Hat org will see the same account-wide roles as automatically detected when they try to create a cluster using the UI.

In this scenario, it looks to the second user like the AWS role association is complete and they can select Next on the Accounts and roles page to move on to the subsequent pages in the UI installer. However, if the second user has not created a user role that is specific to them and linked it to their own Red Hat user account,  they will receive the following error after they select Create cluster:

Error creating cluster - CLUSTERS-MGMT-400: Add 'arn:aws:iam::<id>:role/RH-Managed-OpenShift-Installer' to the trust policy on IAM role 'ManagedOpenShift-User-<username>-Role'

At present, the second user will not discover the lack of a linked user account until they complete the whole UI installer sequence and then they need to debug the issue based on the error message.

It would be useful to add a check on the Accounts and roles page to confirm if the second user has a valid user role that is linked to their user account, in addition to associating the account-wide roles. This will prevent them from having to go through the whole UI installer sequence and clicking Create cluster before they are notified about the requirement to create and link a user role.