Custom OIDC Provider on ROSA

Solution Verified - Updated -

Environment

  • Red Hat OpenShift Service on AWS

Issue

  • Need to deploy another OIDC provider in a non-STS ROSA cluster.
  • A custom OIDC provider does not work with ROSA.

Resolution

  • Adding a custom OIDC provider is not supported in ROSA.

  • Instead, use the ROSA OIDC provider that is already attached to the ROSA STS cluster.

Root Cause

  • Deploying another OIDC provider into a ROSA cluster can actually break the cluster.

Diagnostic Steps

According to the ocm CLI, the cluster is non-STS:

$ export CLUSTER_ID=xxxxxxxxxxxxxxxxxxxxxx

$ ocm describe cluster $CLUSTER_ID | grep STS

STS:            false

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.