Apply user defined tags to all resources created by OpenShift in AWS. The OpenShift installer and other components in AWS need to apply the user defined tags to all resources they create in AWS. This is for our customers' admins, compliance and security teams to keep track of assets and objects created by OpenShift (installer and other system components).
Scoped for delivery in 4.8:
User defined tags defined in the install-config.yaml of the IPI installer are tagged to the following AWS components:
- Classic load balancers, associated with the default ingress controller
- S3 bucket for internal image registry storage
- EBS volumes created from a storage class via the CSI driver, (PV/PVC)
User defined tags for:
- Any other ingress controller of type Load Balancing created after install on day 2.
- EBS volumes and S3 bucket created by OCS
- Also out of scope is tags in a configmap so that they can be updated after installation.
- AWS Route 53 records are out of scope
- EBS volumes created from a storage class via the in-tree storage driver is out of scope.
Cloud Credential Operator minted IAM users are out of scope. CCO in STS mode is not creating IAM users, and the replacement IAM Roles are created by the customer and can be restricted by tag as they wish, within the limits of AWS API capabilities.
- Is there source material that can be used as reference for the Technical Writer in writing the content? If yes, please link if available.
- What is the doc impact (New Content, Updates to existing content, or Release Note)?