From 11778f6efd39a7431fd5a756b551be96937d432f Mon Sep 17 00:00:00 2001 From: Shafer Slockett Date: Wed, 21 Jan 2026 13:45:40 -0500 Subject: [PATCH] OSDOCS-17760: Add RN for --permissions-boundary-arn ccoctl flag. --- modules/rn-ocp-release-notes-new-features.adoc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/rn-ocp-release-notes-new-features.adoc b/modules/rn-ocp-release-notes-new-features.adoc index c0be71316a..6a38d2b2d3 100644 --- a/modules/rn-ocp-release-notes-new-features.adoc +++ b/modules/rn-ocp-release-notes-new-features.adoc @@ -211,6 +211,10 @@ As of this update, you can manage your own firewall rules when installing a clus + For more information, see xref:../installing/installing_gcp/installing-gcp-account.adoc#installation-gcp-user-managed-firewall-rules_installing-gcp-account[Managing your own firewall rules]. +The `ccoctl` utility supports {aws-full} permissions boundaries:: ++ +The Cloud Credential Operator utility (`ccoctl`) now supports attaching an {aws-short} permissions boundary to the IAM roles that it creates. You can use this feature to meet organizational security requirements that restrict the maximum permissions of created roles. + Throughput customization for {aws-full} gp3 drives:: + With this update, you can now customize the maximum throughput for gp3 `rootVolume` drives when installing a cluster on {aws-full}. This customization is set by modifying the `compute.platform.aws.rootVolume.throughput` or `controlPlane.platform.aws.rootVolume.throughput` parameters in the `install-config.yaml` file.