A Red Hat OpenShift Service on AWS cluster can be made private so that internal applications can be hosted inside a corporate network. In addition, private clusters can be configured to have only internal API endpoints for increased security.
Privacy settings can be configured during cluster creation or after a cluster is established.
You can enable the private cluster setting when creating a new Red Hat OpenShift Service on AWS cluster.
Private clusters cannot be used with AWS Security Token Service (STS). However, STS supports AWS PrivateLink clusters.
AWS VPC Peering, VPN, DirectConnect, or TransitGateway has been configured to allow private access.
Enter the following command to create a new private cluster.
$ rosa create cluster --cluster-name=<cluster_name> --private
Alternatively, use |
After a cluster has been created, you can later enable the cluster to be private.
Private clusters cannot be used with AWS Security Token Service (STS). However, STS supports AWS PrivateLink clusters.
AWS VPC Peering, VPN, DirectConnect, or TransitGateway has been configured to allow private access.
Enter the following command to enable the --private option on an existing cluster.
$ rosa edit cluster --cluster=<cluster_name> --private
Transitioning your cluster between private and public can take several minutes to complete.
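One way to confirm that the transition has finished and the API endpoint is internal only. This is an added example, not part of the Red Hat documentation. It assumes the cluster JSON printed by rosa describe cluster --cluster=<cluster_name> --output json carries api.url and api.listening fields. The sample cluster name, URL and addresses are constructed.

```python
import ipaddress
import json
from urllib.parse import urlparse

# RFC 1918 ranges. ipaddress's is_private is not used because it also
# accepts documentation and other special-purpose ranges.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample, trimmed to the fields this check reads. The field
# names api.url and api.listening are an assumption about the cluster JSON.
SAMPLE = json.loads("""
{"name": "example-cluster",
 "api": {"url": "https://api.example-cluster.abcd.p1.example.com:6443",
         "listening": "internal"}}
""")


def api_host(cluster: dict) -> str:
    """Hostname of the API server, to be resolved by the caller."""
    return urlparse(cluster.get("api", {}).get("url", "")).hostname or ""


def audit_private(cluster: dict, resolved_ips: list) -> list:
    """Return findings; an empty list means the API endpoint looks private.

    resolved_ips holds the addresses api_host() resolved to, gathered by
    the caller (for example with socket.getaddrinfo) from the network
    vantage point under test.
    """
    findings = []
    listening = cluster.get("api", {}).get("listening")
    if listening != "internal":
        findings.append(f"api.listening is {listening!r}, expected 'internal'")
    if not resolved_ips:
        findings.append("API hostname did not resolve; cannot confirm exposure")
    for ip in resolved_ips:
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append(f"unparseable address {ip!r}")
            continue
        if not any(addr in net for net in RFC1918):
            findings.append(f"API hostname resolves to non-RFC 1918 address {addr}")
    return findings


if __name__ == "__main__":
    print(audit_private(SAMPLE, ["10.0.141.27", "10.0.163.9"]))
```

Run the check from inside the peered network and again from an outside host: the first run should return no findings, and from outside the hostname should not resolve to anything reachable.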