Compliance Operator reports incorrect results on Managed Services
Environment
- Red Hat OpenShift Service on AWS (ROSA)
- 4
- Red Hat OpenShift Dedicated (OSD)
- 4
- Azure Red Hat OpenShift (ARO)
- 4
Issue
- Why do Compliance Operator scans on Managed Services fail checks on the hosted infrastructure?
Resolution
Compliance Operator provides profiles for Platform and Node. Depending on the managed service, customer may not have access to the Control Plane, which is managed by Red Hat. This is true especially in Hosted Control Plane architectures, which don't advertise Platform profiles intended to scan the control plane. Only Node profiles are supported and tested for managed OpenShift clusters using Hosted Control Plane architectures.
Currently, the Compliance Operator is only tested with ROSA with Hosted Control Planes (HCP). Refer to the
Installing the Compliance Operator on ROSA hosted control planes (HCP) section in documentation.
Red Hat Engineering continues working to establish support for the Compliance Operator in other Cloud Service offering and investigating solutions for profiles on Cloud Services that will account for rules maintained by Red Hat.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments