Feature Overview (aka. Goal Summary)  

To improve automation, governance and security, AWS customers extensively use AWS Tags to track resources. Customers wants the ability to change user tags on day 2 without having to recreate a new cluster to have 1 or more tags added/modified.

Goals (aka. expected user outcomes)

The observable functionality that the user now has as a result of receiving this feature. Complete during New status.

• Cluster administrator can add one or more tags to an existing cluster. 
• Cluster administrator can remove one or more tags from an existing cluster.
• Cluster administrator can add one or more tags just to machine-pool / node-pool in the ROSA with HCP cluster.
• All ROSA client interfaces (ROSA CLI, API, UI) can utilise the day2 tagging feature on ROSA with HCP clusters
• All OSD client interfaces (API, UI, CLI) can utilize the day2 tagging feature on ROSA with HCP clusters
• This feature does not affect the Red Hat owned day1 tags built into OCP/ROSA (there are 10 reserved spaces for tags, of the 50 available, leaving 40 spaces for customer provided tags)

Requirements (aka. Acceptance Criteria):

A list of specific needs or objectives that a feature must deliver in order to be considered complete.  Be sure to include nonfunctional requirements such as security, reliability, performance, maintainability, scalability, usability, etc.  Initial completion during Refinement status.

• Following capabilities are available for AWS on standalone and HCP clusters.
• OCP automatically tags the cloud resources with the Cluster's External ID. 
• Tags added by default on Day 1 are not affected.
• All existing active AWS resources in the OCP clusters have the tagging changes propagated.
• All new AWS resources created by OCP reflect the changes to tagging.
• Hive to support additional list of key=value strings on MachinePools
  • These are AWS user-defined / custom tags, not to be confused with node labels
  • ROSA CLI can accept a list of key=value strings with additional tag values
    • it currently can do this during cluster-install
  • The default tag(s) is/are still applied
  • NOTE: AWS limit of 50 tags per object (2 used automatically by OCP; with a third to be added soon; 10 reserved for Red Hat overall, as at least 2-3 are used by Managed Services) - customer's can only specify 40 tags max!
    • Source: https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html#tag-conventions
  • Must be able to modify tags after creation 
• Support for OpenShift 4.15 onwards.

Out-of-scope

This feature will only apply to ROSA with Hosted Control Planes, and ROSA Classic / standalone is excluded.

Why is this important?

• Customers want to use custom tagging for
  • access controls
  • chargeback/showback
  • cloud IAM conditional permissions

Scenarios

1. ...

Acceptance Criteria

• CI - MUST be running successfully with tests automated
• Release Technical Enablement - Provide necessary release enablement details and documents.
• ...

Dependencies (internal and external)

1. ...

Previous Work (Optional):

1. …

Open questions::

1. …

Done Checklist

• CI - CI is running, tests are automated and merged.
• Release Enablement <link to Feature Enablement Presentation>
• DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
• DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
• DEV - Downstream build attached to advisory: <link to errata>
• QE - Test plans in Polarion: <link or reference to Polarion>
• QE - Automated tests merged: <link or reference to automated tests>
• DOC - Downstream documentation merged: <link to meaningful PR>