OpenShift Container Platform (OCP) Strategy / OCPSTRAT-788

Limit Scope of AWS IAM Permissions Generated by Cloud-Credential-Operator

    • 0% To Do, 0% In Progress, 100% Done

      Feature Overview (aka. Goal Summary)  

      The Cloud Credential Operator (CCO) currently generates AWS IAM permissions that are broader than necessary for OpenShift operations. This feature will enhance the security posture of OpenShift on AWS by implementing more restrictive IAM permissions, specifically by adding VPC-scoped limitations and following the principle of least privilege.

      The primary enhancement involves adding an `aws:SourceVpc` condition to the generated IAM policies so that the credentials can only be used from within the VPC where the OpenShift cluster is deployed, preventing misuse of credentials from outside the cluster's network boundary. Note that AWS populates `aws:SourceVpc` in the request context only when the request reaches the service through a VPC endpoint; a request that arrives over the public service endpoint carries no such key, so a strict `StringEquals` condition on it does not match and the request is denied. The cluster VPC therefore needs VPC endpoints for every AWS service the operators call.

      Goals (aka. expected user outcomes)

      The observable functionality that the user now has as a result of receiving this feature. Complete during New status.
      1. Enhance Security Posture: Reduce the attack surface by limiting IAM permissions to the minimum required for OpenShift operations
      2. Implement VPC-Scoped Permissions: Add `aws:SourceVpc` conditions to IAM policies to restrict credential usage to the cluster's VPC

      Requirements (aka. Acceptance Criteria):

      A list of specific needs or objectives that a feature must deliver in order to be considered complete.  Be sure to include nonfunctional requirements such as security, reliability, performance, maintainability, scalability, usability, etc.  Initial completion during Refinement status.
       
      VPC-Scoped Permissions include:

      • All applicable IAM policies include an `aws:SourceVpc` condition, using a strict operator such as `StringEquals` (an `...IfExists` variant would also match requests in which the key is absent)
      • Credentials can only be used from within the cluster's VPC
      • Requests made from outside the VPC, including requests that do not reach the service through a VPC endpoint and therefore carry no `aws:SourceVpc` key, are denied
      • All OpenShift operators maintain full functionality
      • No degradation in cluster operations
      • CCO settings and IAM policies are preserved and unchanged during upgrades

      Use Cases (Optional):

      Include use case diagrams, main success scenarios, alternative flow scenarios.  Initial completion during Refinement status.

      Use Case 1: New Cluster Installation
      Platform Administrator installs a new OpenShift cluster on AWS
      1. Administrator initiates cluster installation
      2. CCO generates IAM credentials with VPC-scoped restrictions
      3. All operators receive credentials that only work within the cluster VPC
      4. Cluster operates normally with enhanced security

      Use Case 2: Security Compliance Audit
      Security Auditor reviews an OpenShift cluster for compliance
      1. Auditor reviews the IAM permissions granted to OpenShift components
      2. Verifies that every Allow statement is scoped to the cluster VPC
      3. Confirms no overly broad permissions exist
      4. Cluster passes security compliance requirements
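      The following is an added example, not code from the Cloud Credential Operator or the OpenShift project. It builds a policy of the shape the feature overview describes (Allow statements bound to the cluster VPC with a `StringEquals` condition on `aws:SourceVpc`), provides the check an auditor in Use Case 2 would run over any policy document (flagging Allow statements with no `aws:SourceVpc` condition, or with only an `...IfExists` operator), and evaluates sample requests with AWS's absent-key rules to show that a request without the key is denied. The VPC id, Sids and action sets are constructed placeholders; the evaluator models only `StringEquals`/`StringLike` and their `IfExists` variants and ignores `Resource` matching.

```python
"""Build a VPC-scoped IAM policy, audit a policy document for the
aws:SourceVpc condition, and evaluate sample requests against it.
Added example, not Cloud Credential Operator code; the VPC id, Sids and
action sets are constructed placeholders."""
import fnmatch

VPC_CONDITION_KEY = "aws:SourceVpc"
# These operators evaluate to true when the key is absent from the request
# context, so on their own they do not enforce the VPC boundary.
WEAK_OPERATORS = {"StringEqualsIfExists", "StringLikeIfExists"}
SUPPORTED_OPERATORS = {"StringEquals", "StringLike"} | WEAK_OPERATORS


def _as_list(value):
    """IAM accepts a single string or a list in most fields."""
    return value if isinstance(value, list) else [value]


def vpc_scoped_policy(vpc_id):
    """Policy whose Allow statements match only requests whose context
    carries aws:SourceVpc == vpc_id (placeholder actions)."""
    condition = {"StringEquals": {VPC_CONDITION_KEY: vpc_id}}
    return {"Version": "2012-10-17", "Statement": [
        {"Sid": "DescribeFromClusterVpc", "Effect": "Allow",
         "Action": ["ec2:DescribeInstances", "ec2:DescribeSubnets"],
         "Resource": "*", "Condition": condition},
        {"Sid": "TagInstancesFromClusterVpc", "Effect": "Allow",
         "Action": "ec2:CreateTags",
         "Resource": "arn:aws:ec2:*:*:instance/*", "Condition": condition},
    ]}


def audit_vpc_condition(policy):
    """Map Sid -> finding for every Allow statement not bound to the VPC by
    a strict operator. An empty dict means the policy passes the audit."""
    findings = {}
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"Statement[{i}]")
        ops = [op for op, keys in stmt.get("Condition", {}).items()
               if VPC_CONDITION_KEY in keys]
        if not ops:
            findings[sid] = "no aws:SourceVpc condition"
        elif all(op in WEAK_OPERATORS for op in ops):
            findings[sid] = f"{ops[0]} also matches requests without the key"
    return findings


def _condition_matches(condition, ctx):
    """IAM absent-key rules: a strict operator fails when the key is missing
    from the request context, an ...IfExists operator passes."""
    for op, pairs in condition.items():
        if op not in SUPPORTED_OPERATORS:
            raise ValueError(f"operator {op} not modelled here")
        for key, expected in pairs.items():
            if key not in ctx:
                if op.endswith("IfExists"):
                    continue
                return False
            patterns = _as_list(expected)
            if op.startswith("StringEquals"):
                if ctx[key] not in patterns:
                    return False
            elif not any(fnmatch.fnmatchcase(ctx[key], p) for p in patterns):
                return False
    return True


def is_allowed(policy, action, ctx):
    """Evaluate one action: a matching explicit Deny wins, otherwise the
    request succeeds only if some Allow statement matches. ctx is the
    request context, e.g. {"aws:SourceVpc": "vpc-..."} for a call that
    traverses a VPC endpoint, or {} for a call over the public endpoint."""
    allowed = False
    for stmt in _as_list(policy.get("Statement", [])):
        actions = _as_list(stmt.get("Action", []))
        if not any(fnmatch.fnmatchcase(action, a) for a in actions):
            continue
        if not _condition_matches(stmt.get("Condition", {}), ctx):
            continue
        if stmt.get("Effect") == "Deny":
            return False
        allowed = True
    return allowed


if __name__ == "__main__":
    vpc = "vpc-0123456789abcdef0"  # constructed placeholder id
    policy = vpc_scoped_policy(vpc)
    print("audit findings:", audit_vpc_condition(policy))
    print("via VPC endpoint:", is_allowed(policy, "ec2:DescribeInstances",
                                          {VPC_CONDITION_KEY: vpc}))
    print("no aws:SourceVpc key:", is_allowed(policy, "ec2:DescribeInstances", {}))
```

      Run the audit against the policy documents attached to the cluster's IAM users or roles (for example the output of `aws iam get-policy-version`) and treat any finding as a failed check; the `...IfExists` finding matters because such a statement still grants access to a caller that does not traverse a VPC endpoint.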

      Questions to Answer (Optional):

      Include a list of refinement / architectural questions that may need to be answered before coding can begin.  Initial completion during Refinement status.

       

      Out of Scope

      High-level list of items that are out of scope.  Initial completion during Refinement status.

       

      Background

      Provide any additional context that is needed to frame the feature.  Initial completion during Refinement status.

       

      Customer Considerations

      Provide any additional customer-specific considerations that must be made when designing and delivering the Feature.  Initial completion during Refinement status.

       

      Documentation Considerations

      Provide information that needs to be considered and planned so that documentation will meet customer needs.  Initial completion during Refinement status.

       

      Interoperability Considerations

      Which other projects and versions in our portfolio does this feature impact?  What interoperability test scenarios should be factored by the layered products?  Initial completion during Refinement status.

      People: Ju Lim, Jeremiah Stuever, Jianping Shu, Shafer Slockett, Eric Rich