managed-cluster-config icon indicating copy to clipboard operation
managed-cluster-config copied to clipboard

Published 20 hours ago verified publisher icon openshift

OCM-20625 | feat: Managed Policy additions for Karpenter on ROSA HCP

Open robpblake opened this issue 3 weeks ago • 1 comments

What type of PR is this?

Feature

What this PR does / why we need it?

This PR adds the following:

  • A new Managed Policy for the Karpenter Controller on ROSA HCP
  • Additions to the Control Plane Operator managed policy to allow for tagging of SecurityGroups as a day-2 operation
  • Additions to the installer role managed policy to allow for validation of user provided SQS queue URLs when configuring Karpenter Spot instance interruptions

Which Jira/Github issue(s) this PR fixes?

Fixes #

Special notes for your reviewer:

Pre-checks (if applicable):

  • [ ] Tested latest changes against a cluster

  • [ ] Included documentation changes with PR

  • [ ] If this is a new object that is not intended for the FedRAMP environment (if unsure, please reach out to team FedRAMP), please exclude it with:

    matchExpressions:
- key: api.openshift.com/fedramp
  operator: NotIn
  values: ["true"]

robpblake avatar Nov 11 '25 15:11 robpblake

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: robpblake Once this PR has been reviewed and has the lgtm label, please assign iamkirkbater for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci[bot] avatar Nov 11 '25 15:11 openshift-ci[bot]