You need an IBM Cloud® account with some specific permissions to be able to provision the
Red Hat® OpenShift® cluster and other services.
If you do not have an IBM Cloud account yet you must create one. You need an IBM Cloud account
that is created as a Pay-As-You-Go or Subscription accounts. For more information, see the IBM
Cloud Account Types documentation.
To provide and manage the Red Hat OpenShift cluster on IBM Cloud , you need to set the necessary
IBM Cloud classic infrastructure permissions:
Note: If you have problems in setting the permissions, contact your IBM Cloud Account
administrator.
Procedure
- Login in your IBM Cloud account through the IBM Cloud website.
- Go to Manage menu and select Access
(IAM).
- Go to Users menu and select your user from the list.
- Go to the Classic Infrastructure tab.
- In the Permissions tab, grant the various permissions as
follows:
- Expand Account and grant the following permissions:
- Required: Add Server
- Required: Cancel Server
- Suggested: Add/Upgrade Storage (StorageLayer)
- Required: Add/Upgrade Services
- Required: Cancel Services
- Expand Devices and grant the following permissions:
- Required: View Hardware Details
- Required: IPMI Remote Management
- Required: OS Reloads and Rescue Kernel
- Suggested: Manage Port Control
- Required: View Virtual Server Details
- Suggested: Edit Hostname/Domain
- Expand Network and grant the following permissions:
- Suggested: Add IP Addresses
- Suggested: Manage Network Subnet Routes
- Suggested: Add Compute with Public Network Port
- Expand Services and grant the following permissions:
- Suggested: Manage DNS
- Suggested: Storage Manage
- Suggested: View Certificates (SSL)
- Suggested: Manage Certificates (SSL)
- In the Devices tab:
- Suggested: Auto Bare Metal Server Access
- Suggested: Auto Dedicated Host Access
- Suggested: Auto Virtual Server Access
- Click Apply.
- Go to the Access policies tab and click Assign
access.
- Under the IAM services tile, enter or select the following
services and assign the corresponding least privileges:
- IBM Cloud Activity Tracking – This is required to enable IBM Cloud Activity Tracking
integration, which comes as default add-on when you provision your IBM Cloud Red Hat OpenShift cluster.
- Under Platform access, add the Administrator role.
- Click Add.
- IBM Cloud Monitoring service – This is required to enable IBM Cloud Monitoring
integration, which comes as default add-on when you provision your IBM Cloud Red Hat OpenShift cluster.
- Under Platform access, add the Administrator role.
- Click Add.
- IBM Log Analysis – This is required to enable IBM Log Analysis integration, which comes
as default add-on when you provision your IBM Cloud Red Hat OpenShift cluster.
- Under Platform access, add the Administrator role.
- Click Add.
- Container Registry – This is required to enable the clusters that are
created by your user to pull the required images from icr.io, which is the main IBM image registry repository.
- Under Platform access, add the Administrator
role.
- Click Add.
- Databases for MongoDB - This is an alternative for the MongoDB service
available on IBM Cloud . MongoDB is a prerequisite for installing Maximo® Application Suite.
- Under Platform access, add the Editor role.
- Click Add.
- Event Streams – this is an alternative for the Kafka service available on
IBM Cloud . Kafka service is required if you plan to install IoT tool in your Maximo Application Suite instance. It can also be used by Manage and other Suite applications. Refer to each
application documentation for more details.
- Under Platform access, add the Editor role.
- Under Service access, add the Writer role.
- Click Add.
- Internet Services - This is an alternative to provide Domain Name Service
(DNS) management that is required if you are planning to use custom cluster issuers signed by
well-known certificate authorities for your Maximo Application Suite instance.
- Under Platform access, add the Administrator
role.
- Under Service access, add the Manager role.
- Click Add.
- Kubernetes Service – This is needed to provision and manage a Red Hat OpenShift cluster on IBM Cloud .
- Under Platform access, add the Administrator
role.
- Under Service access, add the Writer role.
- Click Add.
- Click Assign to assign all the added permissions to your
user.
Results
The permissions are granted to the user.
What to do next
You can get or obtain your IBM Entitlement key from the IBM Entitled Registry.