mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 21:46:22 +01:00
20 lines
1.1 KiB
Plaintext
20 lines
1.1 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * installing/installing_aws/manually-creating-iam.adoc
|
|
// * installing/installing_azure/manually-creating-iam-azure.adoc
|
|
// * installing/installing_gcp/manually-creating-iam-gcp.adoc
|
|
|
|
[id="mint-mode_{context}"]
|
|
= Mint mode
|
|
|
|
Mint mode is the default and recommended Cloud Credential Operator (CCO) credentials mode for {product-title}. In this mode, the CCO uses the provided administrator-level cloud credential to run the cluster. Mint mode is supported for AWS, GCP, and Azure.
|
|
|
|
In mint mode, the `admin` credential is stored in the `kube-system` namespace and then used by the CCO to process the `CredentialsRequest` objects in the cluster and create users for each with specific permissions.
|
|
|
|
The benefits of mint mode include:
|
|
|
|
* Each cluster component has only the permissions it requires
|
|
* Automatic, on-going reconciliation for cloud credentials, including additional credentials or permissions that might be required for upgrades
|
|
|
|
One drawback is that mint mode requires `admin` credential storage in a cluster `kube-system` secret.
|