OCM-5247 | fix: block HCP operator-roles with unmanaged policies acco…

…unt role Signed-off-by: Maggie Chen <[email protected]>
openshift · Apr 18, 2024 · 17a72c3 · 17a72c3
1 parent 73ec2f3
commit 17a72c3
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/cmd/create/operatorroles/by_prefix.go b/cmd/create/operatorroles/by_prefix.go
@@ -150,6 +150,11 @@ func handleOperatorRoleCreationByPrefix(r *rosa.Runtime, env string,
 			r.Reporter.Errorf("Failed to determine if the Installer role ARN has hosted CP policies: %v", err)
 			os.Exit(1)
 		}
+
+		if !hostedCPPolicies {
+			r.Reporter.Errorf("Failed to create the operator role since the Installer role ARN '%v' does not have hosted CP policies", args.installerRoleArn)
+			os.Exit(1)
+		}
 	}
 
 	operatorRolesList, err := convertV1OperatorIAMRoleIntoOcmOperatorIamRole(operatorIAMRoleList)