ROSA CLI
1. Getting started with the rosa CLI
Expand section "1. Getting started with the rosa CLI" Collapse section "1. Getting started with the rosa CLI"
1. 1.1. About the rosa CLI
2. 1.2. Setting up the rosa CLI
3. 1.3. Configuring the rosa CLI
  Expand section "1.3. Configuring the rosa CLI" Collapse section "1.3. Configuring the rosa CLI"
4. 1.4. Initializing Red Hat OpenShift Service on AWS
  Expand section "1.4. Initializing Red Hat OpenShift Service on AWS" Collapse section "1.4. Initializing Red Hat OpenShift Service on AWS"
  1. 1.4.1. init
5. 1.5. Using a Bash script
2. Managing objects with the rosa CLI
Expand section "2. Managing objects with the rosa CLI" Collapse section "2. Managing objects with the rosa CLI"
1. 2.1. Common commands and arguments
  Expand section "2.1. Common commands and arguments" Collapse section "2.1. Common commands and arguments"
2. 2.2. Parent commands
  Expand section "2.2. Parent commands" Collapse section "2.2. Parent commands"
3. 2.3. Create objects
  Expand section "2.3. Create objects" Collapse section "2.3. Create objects"
4. 2.4. Edit objects
  Expand section "2.4. Edit objects" Collapse section "2.4. Edit objects"
5. 2.5. Delete objects
  Expand section "2.5. Delete objects" Collapse section "2.5. Delete objects"
6. 2.6. Install and uninstall add-ons
  Expand section "2.6. Install and uninstall add-ons" Collapse section "2.6. Install and uninstall add-ons"
  1. 2.6.1. install addon
  2. 2.6.2. uninstall addon
7. 2.7. List and describe objects
  Expand section "2.7. List and describe objects" Collapse section "2.7. List and describe objects"
8. 2.8. Upgrade and delete upgrade for clusters
  Expand section "2.8. Upgrade and delete upgrade for clusters" Collapse section "2.8. Upgrade and delete upgrade for clusters"
  1. 2.8.1. upgrade cluster
  2. 2.8.2. delete upgrade
3. Checking account and version information with the rosa cli
Expand section "3. Checking account and version information with the rosa cli" Collapse section "3. Checking account and version information with the rosa cli"
1. 3.1. Checking account and version information with the rosa CLI
  Expand section "3.1. Checking account and version information with the rosa CLI" Collapse section "3.1. Checking account and version information with the rosa CLI"
  1. 3.1.1. whoami
  2. 3.1.2. version
4. Checking logs with the rosa CLI
Expand section "4. Checking logs with the rosa CLI" Collapse section "4. Checking logs with the rosa CLI"
1. 4.1. Checking logs with the rosa CLI
  Expand section "4.1. Checking logs with the rosa CLI" Collapse section "4.1. Checking logs with the rosa CLI"
  1. 4.1.1. logs install
  2. 4.1.2. logs uninstall
Legal Notice

Chapter 1. Getting started with the rosa CLI

Setup and basic usage of the rosa CLI.

1.1. About the rosa CLI

Use the rosa command-line utility for Red Hat OpenShift Service on AWS (ROSA) to create, update, manage, and delete Red Hat OpenShift Service on AWS clusters and resources.

1.2. Setting up the rosa CLI

To set up the rosa CLI, download the latest release, then configure and initialize rosa:

Procedure

Download the latest release of the rosa CLI for your operating system from the Download page of Red Hat OpenShift Service on AWS.
It is recommended that after you download the release, you rename the executable file that you downloaded to rosa, and then add rosa to your path.
Optional: After downloading rosa, enable Bash completion for rosa. Bash completion helps to automatically complete commands and suggest options when you press Tab. The command generates a Bash completion file for rosa and sources it to your current shell session.
To configure your Bash shell to load rosa completions for each session, add the following command to your Bashrc file (~/.Bashrc or ~/.profile).
```
$ . <(rosa completion)
```

1.3. Configuring the rosa CLI

Use the following commands to configure the rosa CLI.

1.3.1. login

Log in to your Red Hat account, saving the credentials to the rosa configuration file. You must provide a token when logging in. You can copy your token from the Red Hat OpenShift Service on AWS token page.

The rosa CLI looks for a token in the following priority order:

Command-line arguments
The ROSA_TOKEN environment variable
The rosa configuration file
Interactively from a command-line prompt

Syntax

$ rosa login [arguments]

Table 1.1. Arguments

Option	Definition
--client-id	The OpenID client identifier (string). Default: `cloud-services`
--client-secret	The OpenID client secret (string).
--insecure	Enables insecure communication with the server. This disables verification of TLS certificates and host names.
--scope	The OpenID scope (string). If this option is used, it replaces the default scopes. This can be repeated multiple times to specify multiple scopes. Default: `openid`
--token	Accesses or refreshes the token (string).
--token-url	The OpenID token URL (string). Default: `https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token`

Table 1.2. Optional arguments inherited from parent commands

Option	Definition
--help	Shows help for this command.
--debug	Enables debug mode.
--profile	Specifies an AWS profile (string) from your credentials file.
--v <level>	The log level for V logs.

1.3.2. logout

Log out of rosa. Logging out also removes the rosa configuration file.

Syntax

$ rosa logout [arguments]

Table 1.3. Optional arguments inherited from parent commands

Option	Definition
--help	Shows help for this command.
--debug	Enables debug mode.
--profile	Specifies an AWS profile (string) from your credentials file.
--v <level>	The log level for V logs.

1.3.3. verify permissions

Verify that the AWS permissions required to create a ROSA cluster are configured correctly:

Syntax

$ rosa verify permissions [arguments]

Note

This command verifies permissions only for clusters that do not use the AWS Security Token Service (STS).

Table 1.4. Optional arguments inherited from parent commands

Option	Definition
--help	Shows help for this command.
--debug	Enables debug mode.
--region	The AWS region (string) in which to run the command. This value overrides the `AWS_REGION` environment variable.
--profile	Specifies an AWS profile (string) from your credentials file.
--v <level>	The log level for V logs.

Examples

Verify that the AWS permissions are configured correctly:

$ rosa verify permissions

Verify that the AWS permissions are configured correctly in a specific region:

$ rosa verify permissions --region=us-west-2

1.3.4. verify quota

Verifies that AWS quotas are configured correctly for your default region.

Syntax

$ rosa verify quota [arguments]

Table 1.5. Optional arguments inherited from parent commands

Option	Definition
--help	Shows help for this command.
--debug	Enables debug mode.
--region	The AWS region (string) in which to run the command. This value overrides the `AWS_REGION` environment variable.
--profile	Specifies an AWS profile (string) from your credentials file.
--v <level>	The log level for V logs.

Examples

Verify that the AWS quotas are configured correctly for the default region:

$ rosa verify quota

Verify that the AWS quotas are configured correctly in a specific region:

$ rosa verify quota --region=us-west-2

1.3.5. download oc

Download the latest compatible version of the OpenShift Container Platform CLI (oc).

After downloading oc, you must unzip the archive and add it to your path.

Syntax

$ rosa download oc [arguments]

Table 1.6. Optional arguments inherited from parent commands

Option	Definition
--help	Shows help for this command.
--debug	Enables debug mode.
--profile	Specifies an AWS profile (string) from your credentials file.
--v <level>	The log level for V logs.

Example

Download oc client tools:

$ rosa download oc

1.3.6. verify oc

Verifies that the OpenShift Container Platform CLI (oc) is installed correctly.

Syntax

$ rosa verify oc [arguments]

Table 1.7. Optional arguments inherited from parent commands

Option	Definition
--help	Shows help for this command.
--debug	Enables debug mode.
--region	The AWS region (string) in which to run the command. This value overrides the AWS_REGION environment variable.
--profile	Specifies an AWS profile (string) from your credentials file.
--v <level>	The log level for V logs.

Example

Verify oc client tools:

$ rosa verify oc

1.4. Initializing Red Hat OpenShift Service on AWS

Use the init command to initialize Red Hat OpenShift Service on AWS (ROSA).

1.4.1. init

Perform a series of checks to verify that you are ready to deploy an Red Hat OpenShift Service on AWS cluster.

The list of checks includes the following:

Checks to see that you have logged in (see login)
Checks that your AWS credentials are valid
Checks that your AWS permissions are valid (see verify permissions)
Checks that your AWS quota levels are high enough (see verify quota)
Runs a cluster simulation to ensure cluster creation will perform as expected
Checks that the osdCcsAdmin user has been created in your AWS account
Checks that the OpenShift Container Platform command-line tool is available on your system

Syntax

$ rosa init [arguments]

Table 1.8. Arguments

Option	Definition
--region	The AWS region (string) in which to verify quota and permissions. This value overrides the `AWS_REGION` environment variable only when running the `init` command, but it does not change your AWS CLI configuration.
--delete-stack	Deletes the stack template that is applied to your AWS account during the `init` command.
--client-id	The OpenID client identifier (string). Default: `cloud-services`
--client-secret	The OpenID client secret (string).
--insecure	Enables insecure communication with the server. This disables verification of TLS certificates and host names.
--scope	The OpenID scope (string). If this option is used, it completely replaces the default scopes. This can be repeated multiple times to specify multiple scopes. Default: `openid`
--token	Accesses or refreshes the token (string).
--token-url	The OpenID token URL (string). Default: `https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token`

Table 1.9. Optional arguments inherited from parent commands

Option	Definition
--help	Shows help for this command.
--debug	Enables debug mode.
--profile	Specifies an AWS profile (string) from your credentials file.
--v <level>	The log level for V logs.

Examples

Configure your AWS account to allow ROSA clusters:

$ rosa init

Configure a new AWS account using pre-existing OpenShift Cluster Manager credentials:

$ rosa init --token=$OFFLINE_ACCESS_TOKEN

1.5. Using a Bash script

This is an example workflow of how to use a Bash script with the rosa CLI.

Prerequisites

Make sure that AWS credentials are available as one of the following options:

AWS profile
Environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)

Procedure

Initialize rosa using an Red Hat OpenShift Cluster Manager offline token from Red Hat:
```
$ rosa init --token=<token>
```
Create the Red Hat OpenShift Service on AWS (ROSA) cluster:
```
$ rosa create cluster --cluster-name=<cluster_name>
```

Add an identity provider (IDP):

$ rosa create idp --cluster=<cluster_name> --type=<identity_provider> [arguments]

Add a dedicated-admin user:

$ rosa grant user dedicated-admin --user=<idp_user_name> --cluster=<cluster_name>

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Chapter 1. Getting started with the rosa CLI

1.1. About the rosa CLI

1.2. Setting up the rosa CLI

1.3. Configuring the rosa CLI

1.3.1. login

1.3.2. logout

1.3.3. verify permissions

1.3.4. verify quota

1.3.5. download oc

1.3.6. verify oc

1.4. Initializing Red Hat OpenShift Service on AWS

1.4.1. init

1.5. Using a Bash script