Feature Overview (aka. Goal Summary)  

The following operators are considered high priority and common for customers to use with ROSA. To enhance UX and reduce management overhead, their AWS IAM policies are planned to be prepared and submitted to AWS to be published as AWS managed policies:

1. ALB Operator (AWS Load Balancer Operator)
2. Log Forwarding operator
3. AWS EFS Operator
4. OADP (Open API for Data Protection) Operator

When each operator is installed in a cluster, a reliable ARN can be referenced when preparing roles and policies required by the operator in order to function.

Each operator team will need to provide the most up-to-date version of the policy so that AWS can publish the latest policy all the time.

Requirements (aka. Acceptance Criteria):

• All child issues of this XCMSTRAT Outcome are complete.
• New clusters as of a TBD version or date, would be able to use the policies
• existing customers should not be affected, but could use the policies as well
• Documentation provides details about all of the above to allow customers to make an informed decision as to how to use the policy and when to use which policy and what restrictions exist.
• All clients of ROSA would be functional with this change (Terraform, ROSA CLI, UI)

Questions to Answer (Optional):

Out of Scope

High-level list of items that are out of scope.  Initial completion during Refinement status.

Background

Provide any additional context is needed to frame the feature.  Initial completion during Refinement status.

Customer Considerations

Provide any additional customer-specific considerations that must be made when designing and delivering the Feature.  Initial completion during Refinement status.

Documentation Considerations

Documentation will need to be updated to indicate what are the defaults, how these policies are used and why the operator needs the permissions.