From 4d12f4da88803de17ad45cd820c6f0954c58f3cf Mon Sep 17 00:00:00 2001 From: Dale Haiducek <19750917+dhaiducek@users.noreply.github.com> Date: Wed, 19 Feb 2025 16:21:48 -0500 Subject: [PATCH] Clean up IAM policy references The IAM policy controller has been removed. Signed-off-by: Dale Haiducek <19750917+dhaiducek@users.noreply.github.com> --- add-ons/cluster_wide_proxy.adoc | 3 --- add-ons/klusterlet_managed.adoc | 3 --- add-ons/modify_endpoint.adoc | 6 ------ clusters/cluster_lifecycle/import_cli.adoc | 2 -- install/cleanup_reinstall.adoc | 2 +- observability/grafana_labels.adoc | 2 -- 6 files changed, 1 insertion(+), 17 deletions(-) diff --git a/add-ons/cluster_wide_proxy.adoc b/add-ons/cluster_wide_proxy.adoc index 74199bbc00..f0ef834059 100644 --- a/add-ons/cluster_wide_proxy.adoc +++ b/add-ons/cluster_wide_proxy.adoc @@ -67,9 +67,6 @@ apiVersion: agent.open-cluster-management.io/v1 certPolicyController: enabled: true proxyPolicy: Disabled - iamPolicyController: - enabled: true - proxyPolicy: Disabled ---- *Important:* Global proxy settings do not impact alert forwarding. To set up alert forwarding for {acm-short} hub clusters with a cluster-wide proxy, see link:../observability/customize_observability.adoc#forward-alerts[Forwarding alerts] for more details. diff --git a/add-ons/klusterlet_managed.adoc b/add-ons/klusterlet_managed.adoc index 90d0eddb93..4e400e811b 100644 --- a/add-ons/klusterlet_managed.adoc +++ b/add-ons/klusterlet_managed.adoc @@ -7,7 +7,6 @@ See the following available klusterlet add-ons: - application-manager - cert-policy-controller - config-policy-controller -- iam-policy-controller - governance-policy-framework - search-collector @@ -28,8 +27,6 @@ spec: enabled: true certPolicyController: enabled: true - iamPolicyController: - enabled: true policyController: <1> enabled: true searchCollector: diff --git a/add-ons/modify_endpoint.adoc b/add-ons/modify_endpoint.adoc index 12292f287c..3b5244805e 100644 --- a/add-ons/modify_endpoint.adoc +++ b/add-ons/modify_endpoint.adoc @@ -22,8 +22,6 @@ spec: enabled: true certPolicyController: enabled: true - iamPolicyController: - enabled: true policyController: enabled: true searchCollector: @@ -48,10 +46,6 @@ The following settings can be updated in the `klusterletaddonconfigs.agent.open- | `true` or `false` | This controller enforces certificate-based policies on the managed cluster. -| iamPolicyController -| `true` or `false` -| This controller enforces the IAM-based policy lifecycle on the managed cluster. - | policyController | `true` or `false` | This controller enforces all other policy rules on the managed cluster. diff --git a/clusters/cluster_lifecycle/import_cli.adoc b/clusters/cluster_lifecycle/import_cli.adoc index ffbd84ee81..4e7fb9cc07 100644 --- a/clusters/cluster_lifecycle/import_cli.adoc +++ b/clusters/cluster_lifecycle/import_cli.adoc @@ -206,8 +206,6 @@ spec: enabled: true certPolicyController: enabled: true - iamPolicyController: - enabled: true policyController: enabled: true searchCollector: diff --git a/install/cleanup_reinstall.adoc b/install/cleanup_reinstall.adoc index 583e5a1b4c..5b3ef0d36e 100644 --- a/install/cleanup_reinstall.adoc +++ b/install/cleanup_reinstall.adoc @@ -24,7 +24,7 @@ ACM_NAMESPACE= oc delete mch --all -n $ACM_NAMESPACE oc delete apiservice v1.admission.cluster.open-cluster-management.io v1.admission.work.open-cluster-management.io oc delete clusterimageset --all -oc delete clusterrole multiclusterengines.multicluster.openshift.io-v1-admin multiclusterengines.multicluster.openshift.io-v1-crdview multiclusterengines.multicluster.openshift.io-v1-edit multiclusterengines.multicluster.openshift.io-v1-view open-cluster-management:addons:application-manager open-cluster-management:admin-aggregate open-cluster-management:cert-policy-controller-hub open-cluster-management:cluster-manager-admin-aggregate open-cluster-management:config-policy-controller-hub open-cluster-management:edit-aggregate open-cluster-management:iam-policy-controller-hub open-cluster-management:policy-framework-hub open-cluster-management:view-aggregate +oc delete clusterrole multiclusterengines.multicluster.openshift.io-v1-admin multiclusterengines.multicluster.openshift.io-v1-crdview multiclusterengines.multicluster.openshift.io-v1-edit multiclusterengines.multicluster.openshift.io-v1-view open-cluster-management:addons:application-manager open-cluster-management:admin-aggregate open-cluster-management:cert-policy-controller-hub open-cluster-management:cluster-manager-admin-aggregate open-cluster-management:config-policy-controller-hub open-cluster-management:edit-aggregate open-cluster-management:policy-framework-hub open-cluster-management:view-aggregate oc delete crd klusterletaddonconfigs.agent.open-cluster-management.io placementbindings.policy.open-cluster-management.io policies.policy.open-cluster-management.io userpreferences.console.open-cluster-management.io discoveredclusters.discovery.open-cluster-management.io discoveryconfigs.discovery.open-cluster-management.io oc delete mutatingwebhookconfiguration ocm-mutating-webhook managedclustermutators.admission.cluster.open-cluster-management.io multicluster-observability-operator oc delete validatingwebhookconfiguration channels.apps.open.cluster.management.webhook.validator application-webhook-validator multiclusterhub-operator-validating-webhook ocm-validating-webhook multicluster-observability-operator multiclusterengines.multicluster.openshift.io diff --git a/observability/grafana_labels.adoc b/observability/grafana_labels.adoc index 236b61f0c8..3e363afc8f 100644 --- a/observability/grafana_labels.adoc +++ b/observability/grafana_labels.adoc @@ -17,7 +17,6 @@ data: - feature.open-cluster-management.io/addon-cluster-proxy - feature.open-cluster-management.io/addon-config-policy-controller - feature.open-cluster-management.io/addon-governance-policy-framework - - feature.open-cluster-management.io/addon-iam-policy-controller - feature.open-cluster-management.io/addon-observability-controller - feature.open-cluster-management.io/addon-search-collector - feature.open-cluster-management.io/addon-work-manager @@ -56,7 +55,6 @@ data: - feature.open-cluster-management.io/addon-cluster-proxy - feature.open-cluster-management.io/addon-config-policy-controller - feature.open-cluster-management.io/addon-governance-policy-framework - - feature.open-cluster-management.io/addon-iam-policy-controller - feature.open-cluster-management.io/addon-observability-controller - feature.open-cluster-management.io/addon-search-collector - feature.open-cluster-management.io/addon-work-manager