rosa_install_access_delete_clusters/rosa-shared-vpc-config.adoc

:_mod-docs-content-type: ASSEMBLY
[id="rosa-shared-vpc-config"]
= Configuring a shared VPC for ROSA clusters
include::_attributes/attributes-openshift-dedicated.adoc[]
:context: rosa-shared-vpc-config

toc::[]

You can create {product-title}
ifdef::openshift-rosa[]
(ROSA)
endif::openshift-rosa[]
clusters in shared, centrally-managed AWS virtual private clouds (VPCs).

include::snippets/install-cluster-in-vpc.adoc[]

[NOTE]
====
This process requires *two separate* AWS accounts that belong to the same AWS organization. One account functions as the VPC-owning AWS account (*VPC Owner*), while the other account creates the cluster in the cluster-creating AWS account (*Cluster Creator*).
====

image::372_OpenShift_on_AWS_persona_worflows_0923_all.png[]
.Prerequisites for the *VPC Owner*
* You have an AWS account with the proper permissions to create roles and share resources.
* The *Cluster Creator's* AWS account is separate from the *VPC Owner's* AWS account.
* Both AWS accounts belong to the same AWS organization.
* You enabled resource sharing from the management account for your organization.
* You have access to the link:https://signin.aws.amazon.com[AWS console].

.Prerequisites for the *Cluster Creator*
* You installed the link:https://console.redhat.com/openshift/downloads#tool-rosa[ROSA CLI (`rosa`)] 1.2.26 or later.
* You created all of the required
ifdef::openshift-rosa[]
xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-account-wide-sts-roles-and-policies_rosa-sts-creating-a-cluster-quickly[account-wide roles and policies]
endif::openshift-rosa[]
ifdef::openshift-rosa-hcp[]
* xref:../rosa_hcp/rosa-hcp-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-account-wide-sts-roles-and-policies_rosa-hcp-sts-creating-a-cluster-quickly[account-wide roles and policies]
endif::openshift-rosa-hcp[]
for creating a cluster.
* The *Cluster Creator's* AWS account is separate from the *VPC Owner's* AWS account.
* Both AWS accounts belong to the same AWS organization.

[NOTE]
====
Installing a cluster in a shared VPC is supported only for OpenShift 4.12.34 and later, 4.13.10 and later, and all future 4.y-streams.
====

include::modules/rosa-sharing-vpc-creation-and-sharing.adoc[leveloffset=+1]

[role="_additional-resources"]
[id="additional-resources_shared-vpc_vpc-creation"]
== Additional resources
* See the AWS documentation for link:https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html[sharing your AWS resources].

include::modules/rosa-sharing-vpc-dns-and-roles.adoc[leveloffset=+1]
include::modules/rosa-sharing-vpc-hosted-zones.adoc[leveloffset=+1]
include::modules/rosa-sharing-vpc-cluster-creation.adoc[leveloffset=+1]
OSDOCS-16195 removing discrete tags from ROSA and OSD 2025-09-22 15:22:59 -07:00			`:_mod-docs-content-type: ASSEMBLY`
OSDOSC-6528: Created documentation for creating a shared VPC 2023-08-22 10:23:44 -04:00			`[id="rosa-shared-vpc-config"]`
Text rework 2023-09-07 14:15:54 -07:00			`= Configuring a shared VPC for ROSA clusters`
OSDOCS-16195 removing discrete tags from ROSA and OSD 2025-09-22 15:22:59 -07:00			`include::_attributes/attributes-openshift-dedicated.adoc[]`
OSDOSC-6528: Created documentation for creating a shared VPC 2023-08-22 10:23:44 -04:00			`:context: rosa-shared-vpc-config`

			`toc::[]`

OSDOCS-16195 removing discrete tags from ROSA and OSD 2025-09-22 15:22:59 -07:00			`You can create {product-title}`
Text rework 2023-09-07 14:15:54 -07:00			`ifdef::openshift-rosa[]`
			`(ROSA)`
			`endif::openshift-rosa[]`
OSDOCS-12666 2024-12-02 14:54:28 -08:00			`clusters in shared, centrally-managed AWS virtual private clouds (VPCs).`
OSDOCS-10637 Adding warnings re. using shared VPCs for HCP clusters 2024-05-22 21:40:06 +10:00
adding in a note for VPC in prep your environ and installing clusters for all repos adding in a note for VPC in prep your environ and installing clusters adding in a note for VPC in prep your environ and installing cluster for ods gcp line160 adding in a note for VPC in prep your environ and installing cluster for osd gcp line128 adding in a note for VPC in prep your environ and installing cluster for osd gcp adding in a note for VPC in prep your environ and installing cluster for osd adding in a note for VPC in prep your environ and installing cluster adding in a note for VPC in prep your environ and installing cluster adding in a note for VPC for OSD adding in a note for VPC adding in a note adding in a notes adding in a note fixing numbering after using snippet removed snippet from rhm module as out of use 2025-09-02 15:33:11 +01:00			`include::snippets/install-cluster-in-vpc.adoc[]`

Text rework 2023-09-07 14:15:54 -07:00			`[NOTE]`
			`====`
			`This process requires two separate AWS accounts that belong to the same AWS organization. One account functions as the VPC-owning AWS account (VPC Owner), while the other account creates the cluster in the cluster-creating AWS account (Cluster Creator).`
			`====`

			`image::372_OpenShift_on_AWS_persona_worflows_0923_all.png[]`
			`.Prerequisites for the VPC Owner`
OSDOSC-6528: Created documentation for creating a shared VPC 2023-08-22 10:23:44 -04:00			`* You have an AWS account with the proper permissions to create roles and share resources.`
Text rework 2023-09-07 14:15:54 -07:00			`* The Cluster Creator's AWS account is separate from the VPC Owner's AWS account.`
OSDOSC-6528: Created documentation for creating a shared VPC 2023-08-22 10:23:44 -04:00			`* Both AWS accounts belong to the same AWS organization.`
			`* You enabled resource sharing from the management account for your organization.`
			`* You have access to the link:https://signin.aws.amazon.com[AWS console].`

Text rework 2023-09-07 14:15:54 -07:00			`.Prerequisites for the Cluster Creator`
			* You installed the link:https://console.redhat.com/openshift/downloads#tool-rosa[ROSA CLI (`rosa`)] 1.2.26 or later.
OSDOCS-11789 ROSA HCP/Classic split: Prepare your environment - Including changes from OSDOCS-11640 by cherry-picking in 16db23b - Rebased against main following merge of rosa_hcp_migration branch - Corrected missing 500 node max support limit - Applied peer and merge review feedback Squashed: 1 - Intial commit for the ROSA with HCP branch 2 - Adding the Upgrading HCP cherrypick 3 - Adding the Security HCP cherrypick 4 - Upgrading ROSA with HCP updates 5 - Updated the HCP migration to include the ROSA Tutorals and Learning sections 6 - Updated the HCP migration to add the rest of the books from the password protected preview 7 - Repaired the links in Introduction to ROSA book 8 - classic to hcp migration topic maps update commented in the end of section in topic map applied QE suggestions from gdoc applied more QE suggestions from gdoc applied conditions for new hcp distro to assemblies and modules fixed typo on line 13 of configuring registry operator replaced namespace as suggested by QE removed operator pod list removed space in rosa topic maps removed spacing in line 39 of checking status of pods 2024-09-16 17:53:38 -04:00			`* You created all of the required`
			`ifdef::openshift-rosa[]`
			`xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-account-wide-sts-roles-and-policies_rosa-sts-creating-a-cluster-quickly[account-wide roles and policies]`
			`endif::openshift-rosa[]`
			`ifdef::openshift-rosa-hcp[]`
			`* xref:../rosa_hcp/rosa-hcp-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-account-wide-sts-roles-and-policies_rosa-hcp-sts-creating-a-cluster-quickly[account-wide roles and policies]`
			`endif::openshift-rosa-hcp[]`
			`for creating a cluster.`
Text rework 2023-09-07 14:15:54 -07:00			`* The Cluster Creator's AWS account is separate from the VPC Owner's AWS account.`
			`* Both AWS accounts belong to the same AWS organization.`

OSDOSC-6528: Created documentation for creating a shared VPC 2023-08-22 10:23:44 -04:00			`[NOTE]`
			`====`
Text rework 2023-09-07 14:15:54 -07:00			`Installing a cluster in a shared VPC is supported only for OpenShift 4.12.34 and later, 4.13.10 and later, and all future 4.y-streams.`
OSDOSC-6528: Created documentation for creating a shared VPC 2023-08-22 10:23:44 -04:00			`====`

			`include::modules/rosa-sharing-vpc-creation-and-sharing.adoc[leveloffset=+1]`

			`[role="_additional-resources"]`
			`[id="additional-resources_shared-vpc_vpc-creation"]`
OSDOCS-16195 removing discrete tags from ROSA and OSD 2025-09-22 15:22:59 -07:00			`== Additional resources`
OSDOSC-6528: Created documentation for creating a shared VPC 2023-08-22 10:23:44 -04:00			`* See the AWS documentation for link:https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html[sharing your AWS resources].`

			`include::modules/rosa-sharing-vpc-dns-and-roles.adoc[leveloffset=+1]`
			`include::modules/rosa-sharing-vpc-hosted-zones.adoc[leveloffset=+1]`
OSDOCS-5815 2025-04-04 11:30:53 -07:00			`include::modules/rosa-sharing-vpc-cluster-creation.adoc[leveloffset=+1]`