openshift-docs/modules/rosa-govcloud-privatelink-create-cluster.adoc

// Module included in the following assemblies:
// * rosa_install_access_delete_clusters/rosa-aws-privatelink-creating-cluster.adoc

:_mod-docs-content-type: PROCEDURE
[id="rosa-aws-privatelink-create-cluster_{context}"]
= Creating an AWS PrivateLink cluster

You can create an AWS PrivateLink cluster using the {rosa-cli-first}.

[NOTE]
====
AWS PrivateLink is supported on existing VPCs only.
====

.Prerequisites

* You have available AWS service quotas.
* You have enabled the {product-title} service in the AWS Console.
* You have installed and configured the latest {rosa-cli}, on your installation host.
* For GovCloud, you have enabled the {product-title} service in the AWS Console on the linked commercial account because it is inside the commercial account that you enable {product-title} for GovCloud. For more information, see link:https://docs.aws.amazon.com/rosa/latest/userguide/set-up.html#enable-rosa[Enable ROSA and configure AWS prerequisites].
* For link:https://docs.aws.amazon.com/rosa/latest/userguide/integration-marketplace.html#_private_marketplace[Private Marketplace], you have enabled the {product-title} service in the AWS Console.
ifdef::openshift-rosa[]
For more information, see link:https://aws.amazon.com/marketplace/pp/prodview-tnyp2h3acabm6[AWS Marketplace listings for ROSA].
endif::openshift-rosa[]
ifdef::openshift-rosa-hcp[]
For more information, see link:https://aws.amazon.com/marketplace/pp/prodview-juiwfhpeizxro[AWS Marketplace listings for ROSA].
endif::openshift-rosa-hcp[]

.Procedure

Creating a cluster can take up to 40 minutes.

. With AWS PrivateLink, you can create a cluster with a single availability zone (Single-AZ) or multiple availability zones (Multi-AZ). In either case, your machine's classless inter-domain routing (CIDR) must match your virtual private cloud's CIDR. See link:https://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/installing_on_aws/installing-aws-vpc#installation-custom-aws-vpc-requirements_installing-aws-vpc[Requirements for using your own VPC] and link:https://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/installing_on_aws/installing-aws-vpc#installation-custom-aws-vpc-validation_installing-aws-vpc[VPC validation] for more information.
+
[IMPORTANT]
====
If you use a firewall, you must configure it so that {product-title} can access the sites that it requires to function.

For more information, see the AWS PrivateLink firewall prerequisites section.
====
+
--
include::snippets/rosa-long-cluster-name.adoc[]
--
+
** To create a Single-AZ cluster:
+
[source,terminal]
----
$ rosa create cluster --private-link --cluster-name=<cluster-name> [--machine-cidr=<VPC CIDR>/16] --subnet-ids=<private-subnet-id>
----
** To create a Multi-AZ cluster:
+
[source,terminal]
----
$ rosa create cluster --private-link --multi-az --cluster-name=<cluster-name> [--machine-cidr=<VPC CIDR>/16] --subnet-ids=<private-subnet-id1>,<private-subnet-id2>,<private-subnet-id3>
----

. Enter the following command to check the status of your cluster. During cluster creation, the `State` field from the output will transition from `pending` to `installing`, and finally to `ready`.
+
[source,terminal]
----
$ rosa describe cluster --cluster=<cluster_name>
----
+
[NOTE]
====
If installation fails or the `State` field does not change to `ready` after 40 minutes, check the installation troubleshooting documentation for more details.
====

. Enter the following command to follow the OpenShift installer logs to track the progress of your cluster:
+
[source,terminal]
----
$ rosa logs install --cluster=<cluster_name> --watch
----