Creating your IBM Cloud account and configuring permissions

You need an IBM Cloud® account with some specific permissions to be able to provision the Red Hat® OpenShift® cluster and other services.

If you do not have an IBM Cloud account yet you must create one. You need an IBM Cloud account that is created as a Pay-As-You-Go or Subscription accounts. For more information, see the IBM Cloud Account Types documentation.

To provide and manage the Red Hat OpenShift cluster on IBM Cloud , you need to set the necessary IBM Cloud classic infrastructure permissions:

Note: If you have problems in setting the permissions, contact your IBM Cloud Account administrator.

Procedure

  1. Login in your IBM Cloud account through the IBM Cloud website.
  2. Go to Manage menu and select Access (IAM).
  3. Go to Users menu and select your user from the list.
  4. Go to the Classic Infrastructure tab.
  5. In the Permissions tab, grant the various permissions as follows:
    1. Expand Account and grant the following permissions:
      • Required: Add Server
      • Required: Cancel Server
      • Suggested: Add/Upgrade Storage (StorageLayer)
      • Required: Add/Upgrade Services
      • Required: Cancel Services
    2. Expand Devices and grant the following permissions:
      • Required: View Hardware Details
      • Required: IPMI Remote Management
      • Required: OS Reloads and Rescue Kernel
      • Suggested: Manage Port Control
      • Required: View Virtual Server Details
      • Suggested: Edit Hostname/Domain
    3. Expand Network and grant the following permissions:
      • Suggested: Add IP Addresses
      • Suggested: Manage Network Subnet Routes
      • Suggested: Add Compute with Public Network Port
    4. Expand Services and grant the following permissions:
      • Suggested: Manage DNS
      • Suggested: Storage Manage
      • Suggested: View Certificates (SSL)
      • Suggested: Manage Certificates (SSL)
  6. In the Devices tab:
    • Suggested: Auto Bare Metal Server Access
    • Suggested: Auto Dedicated Host Access
    • Suggested: Auto Virtual Server Access
  7. Click Apply.
  8. Go to the Access policies tab and click Assign access.
  9. Under the IAM services tile, enter or select the following services and assign the corresponding least privileges:
    1. IBM Cloud Activity Tracking – This is required to enable IBM Cloud Activity Tracking integration, which comes as default add-on when you provision your IBM Cloud Red Hat OpenShift cluster.
      1. Under Platform access, add the Administrator role.
      2. Click Add.
    2. IBM Cloud Monitoring service – This is required to enable IBM Cloud Monitoring integration, which comes as default add-on when you provision your IBM Cloud Red Hat OpenShift cluster.
      1. Under Platform access, add the Administrator role.
      2. Click Add.
    3. IBM Log Analysis – This is required to enable IBM Log Analysis integration, which comes as default add-on when you provision your IBM Cloud Red Hat OpenShift cluster.
      1. Under Platform access, add the Administrator role.
      2. Click Add.
    4. Container Registry – This is required to enable the clusters that are created by your user to pull the required images from icr.io, which is the main IBM image registry repository.
      1. Under Platform access, add the Administrator role.
      2. Click Add.
    5. Databases for MongoDB - This is an alternative for the MongoDB service available on IBM Cloud . MongoDB is a prerequisite for installing Maximo® Application Suite.
      1. Under Platform access, add the Editor role.
      2. Click Add.
    6. Event Streams – this is an alternative for the Kafka service available on IBM Cloud . Kafka service is required if you plan to install IoT tool in your Maximo Application Suite instance. It can also be used by Manage and other Suite applications. Refer to each application documentation for more details.
      1. Under Platform access, add the Editor role.
      2. Under Service access, add the Writer role.
      3. Click Add.
    7. Internet Services - This is an alternative to provide Domain Name Service (DNS) management that is required if you are planning to use custom cluster issuers signed by well-known certificate authorities for your Maximo Application Suite instance.
      1. Under Platform access, add the Administrator role.
      2. Under Service access, add the Manager role.
      3. Click Add.
    8. Kubernetes Service – This is needed to provision and manage a Red Hat OpenShift cluster on IBM Cloud .
      1. Under Platform access, add the Administrator role.
      2. Under Service access, add the Writer role.
      3. Click Add.
  10. Click Assign to assign all the added permissions to your user.

Results

The permissions are granted to the user.

What to do next

You can get or obtain your IBM Entitlement key from the IBM Entitled Registry.