rosa-shared-vpc-config.adoc

_attributes/attributes-openshift-dedicated.adoc

Configuring a shared VPC for ROSA clusters

You can create {product-title} clusters in shared, centrally-managed AWS virtual private clouds (VPCs).

Important

Sharing VPCs across multiple AWS accounts is currently only supported for ROSA Classic clusters using STS for authentication.

Note	This process requires two separate AWS accounts that belong to the same AWS organization. One account functions as the VPC-owning AWS account (VPC Owner), while the other account creates the cluster in the cluster-creating AWS account (Cluster Creator).

Prerequisites for the VPC Owner

• You have an AWS account with the proper permissions to create roles and share resources.

• The Cluster Creator’s AWS account is separate from the VPC Owner’s AWS account.

• Both AWS accounts belong to the same AWS organization.

• You enabled resource sharing from the management account for your organization.

• You have access to the AWS console.

Prerequisites for the Cluster Creator

• You installed the ROSA CLI (rosa) 1.2.26 or later.

• You created all of the required ROSA account roles for creating a cluster.

• The Cluster Creator’s AWS account is separate from the VPC Owner’s AWS account.

• Both AWS accounts belong to the same AWS organization.

Note	Installing a cluster in a shared VPC is supported only for OpenShift 4.12.34 and later, 4.13.10 and later, and all future 4.y-streams.

modules/rosa-sharing-vpc-creation-and-sharing.adoc

Additional resources

• See the AWS documentation for sharing your AWS resources.

modules/rosa-sharing-vpc-dns-and-roles.adoc modules/rosa-sharing-vpc-hosted-zones.adoc modules/rosa-sharing-vpc-cluster-creation.adoc