From 667c810b3ec3d1b10e9cc80b01574acdcc3ffee0 Mon Sep 17 00:00:00 2001
From: mletalie <mletalie@redhat.com>
Date: Thu, 19 Dec 2024 12:55:16 -0500
Subject: [PATCH] verify WIF command

---
 modules/create-wif-cluster-cli.adoc | 44 ++++++++++++++++++++++++-----
 1 file changed, 37 insertions(+), 7 deletions(-)

diff --git a/modules/create-wif-cluster-cli.adoc b/modules/create-wif-cluster-cli.adoc
index 19651ae282..a35fbafcbb 100644
--- a/modules/create-wif-cluster-cli.adoc
+++ b/modules/create-wif-cluster-cli.adoc
@@ -186,6 +186,22 @@ $ ocm create cluster <cluster_name> \ <1>
 <12> Optional: Maximum number of compute nodes.
 <13> Optional: Secure Boot enables the use of Shielded VMs in the Google Cloud Platform.
 
+[id="ocm-cli-list-wif-commands_{context}"]
+== Listing WIF clusters
+
+To list all of your {product-title} clusters that have been deployed using the WIF authentication type, run the following command:
+
+[source,terminal]
+----
+$ ocm list clusters --parameter search="gcp.authentication.wif_config_id != ''"
+----
+To list all of your {product-title} clusters that have been deployed using a specific wif-config, run the following command:
+[source,terminal]
+----
+$ ocm list clusters --parameter search="gcp.authentication.wif_config_id = '<wif_config_id>'" <1>
+----
+<1> Replace `<wif_config_id>` with the ID of the WIF configuration.
+
 [id="wif-configuration-update_{context}"]
 == Updating a WIF configuration
 
@@ -205,18 +221,32 @@ ocm gcp update wif-config --version <version> \ <1>
 <1> Replace `<version>` with the {product-title} y-stream version you plan to update the cluster to.
 <2> Replace `<wif_name>` with the name of the WIF configuration you want to update.
 
-[id="ocm-cli-list-wif-commands_{context}"]
-== List WIF clusters
+[id="ocm-cli-verify-wif-commands_{context}"]
+== Verifying a WIF configuration
+You can verify that the configuration of resources associated with a WIF configuration are correct by running the `ocm gcp verify wif-config` command. If a misconfiguration is found, the output provides details about the misconfiguration and recommends that you update the WIF configuration.
 
-To list all of your {product-title} clusters that have been deployed using the WIF authentication type, run the following command:
+You need the name and ID of the WIF configuration you want to verify before verification.
+To obtain the name and ID of your active WIF configurations, run the following command:
 
 [source,terminal]
 ----
-$ ocm list clusters --parameter search="gcp.authentication.wif_config_id != ''"
+$ ocm gcp list wif-configs
 ----
-To list all of your {product-title} clusters that have been deployed using a specific wif-config, run the following command:
+
+To determine if the WIF configuration you want to verify is configured correctly, run the following command:
+
 [source,terminal]
 ----
-$ ocm list clusters --parameter search="gcp.authentication.wif_config_id = '<wif_config_id>'" <1>
+$ ocm gcp verify wif-config <wif_config_name>|<wif_config_id> <1>
 ----
-<1> Replace `<wif_config_id>` with the ID of the WIF configuration to list the clusters that have been deployed using that WIF configuration.
\ No newline at end of file
+<1> Replace `<wif_config_name>` and `<wif_config_id>` with the name and ID of your WIF configuration, respectively.
+
+--
+.Example output
+[source,terminal]
+----
+Error: verification failed with error: missing role 'compute.storageAdmin'.
+Running 'ocm gcp update wif-config' may fix errors related to cloud resource misconfiguration.
+exit status 1.
+----
+--