Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-127

Continued STS enablement for selected OLM-managed operators



    • False
    • Hide


    • False
    • OCPSTRAT-6Tokenized Auth Enablement for OLM-managed Operators on Cloud Providers
    • 14
    • 14% 14%
    • 0
    • 0
    • Backlog Refinement


      Feature Overview (aka. Goal Summary)  

      Increased coverage of layered products and partner offerings supporting standardized STS configuration flow (OCPBU-559) short-lived token authentication on ROSA clusters.  Process to follow is documented here: https://docs.google.com/document/d/1iFNpyycby_rOY1wUew-yl3uPWlE00krTgr9XHDZOTNo/edit?usp=sharing

      Goals (aka. expected user outcomes)

      Increase portfolio coverage on ROSA with a streamlined, repeatable user experience to ease adoption of the service.

      Requirements (aka. Acceptance Criteria):

      • based on OCPBU-559 and following OCPBU-563, the following operators will be enabled to support the standard configuration flow for STS:
        • 3Scale
        • RHODS
        • EFA
        • ACK Operators (not productized, low adoption on OCP) (important for ROSA & OSD-AWS)
        • ACM
        • Ansible Automation Platform
        • Quay
      • the operators core logic and metadata will be adapted to enable the flow on the command line and the Console


      For ROSA customers these operators represent the larger Red Hat portfolio and integration with STS is deemed essential for upsell. Having a streamlined process around installing these with integration into STS will enable security-conscious customers to adopt the platform faster.

      Customer Considerations

      Customers are trained to use the ccoctl tool to carry out IAM changes in conjunction with ROSA. 

      Documentation Considerations

      Every one of these operators needs to clearly outline with IAM permissions are required and provide easy to follow steps to create them. This information should be visible from the operators description (part of the OLM metadata) as well as reside in the components official product documentation.


        Issue Links



              DanielMesser Daniel Messer
              DanielMesser Daniel Messer
              Brett Tofel, Lance Galletti
              Jian Zhang Jian Zhang
              Stephanie Stout Stephanie Stout
              Andy Goldstein Andy Goldstein
              Daniel Messer Daniel Messer
              Senthamilarasu S Senthamilarasu S
              1 Vote for this issue
              7 Start watching this issue