Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Chapter 1. What’s new with Red Hat OpenShift Service on AWS classic architecture

Red Hat OpenShift Service on AWS classic architecture is a fully-managed, turnkey application platform that allows you to focus on delivering value to your customers by building and deploying applications. Red Hat and AWS site reliability engineering (SRE) experts manage the underlying platform so you do not have to worry about the complexity of infrastructure management. Red Hat OpenShift Service on AWS classic architecture provides seamless integration with a wide range of AWS compute, database, analytics, machine learning, networking, mobile, and other services to further accelerate the building and delivering of differentiating experiences to your customers.

Red Hat OpenShift Service on AWS classic architecture clusters are available on the Red Hat Hybrid Cloud Console. With the Red Hat OpenShift Cluster Manager application for Red Hat OpenShift Service on AWS classic architecture, you can deploy Red Hat OpenShift Service on AWS classic architecture clusters to cloud environments.

1.1. New changes and updates
Copy link

1.1.1. Q4 2025
Copy link

1.1.2. Q3 2025
Copy link

  • Changed default ingress listening method to begin with Day 1 operations. Previously, the default ingress listening method was a Day 2 operation. Now, the default ingress listening method is a Day 1 operation.

1.1.3. Q2 2025
Copy link

  • Updated version requirements for migration from OpenShift SDN to OVN-Kubernetes. Your cluster version must be 4.16.43 or above to initiate live migration from the OpenShift SDN network plugin to the OVN-Kubernetes network plugin.

    If your cluster uses the OpenShift SDN network plugin, you cannot upgrade to future major versions of Red Hat OpenShift Service on AWS classic architecture without migrating to OVN-Kubernetes.

    For more information about migrating to OVN-Kubernetes, see Migrating from OpenShift SDN network plugin to OVN-Kubernetes network plugin.

  • AWS Trainium and Inferentia instance types now supported. You can now use Amazon Web Services (AWS) Trainium and Inferentia instance types for your Red Hat OpenShift Service on AWS classic architecture clusters. For more information, see Red Hat OpenShift Service on AWS classic architecture instance types.
  • New version of Red Hat OpenShift Service on AWS classic architecture available. Red Hat OpenShift Service on AWS classic architecture version 4.19 is now available for new clusters.
  • Red Hat OpenShift Service on AWS classic architecture cluster ownership transfer is now available for Red Hat OpenShift Service on AWS classic architecture. You can now transfer ownership of Red Hat OpenShift Service on AWS classic architecture clusters. For more information, see Initiating ownership transfer of a Red Hat OpenShift Service on AWS classic architecture cluster.

1.1.4. Q1 2025
Copy link

  • Red Hat OpenShift Service on AWS classic architecture region added. Red Hat OpenShift Service on AWS classic architecture is now available in the following regions:

  • Cluster autoscaling is now available for Red Hat OpenShift Service on AWS classic architecture. You can configure cluster autoscaling for Red Hat OpenShift Service on AWS classic architecture. For more information, see Cluster autoscaling.
  • New version of Red Hat OpenShift Service on AWS classic architecture available. Red Hat OpenShift Service on AWS classic architecture version 4.18 is now available. For more information about upgrading to this latest version, see Upgrading Red Hat OpenShift Service on AWS classic architecture clusters.

  • Graphical installer enhancements. You can now use the graphical installer in Red Hat Hybrid Cloud Console to configure the following options when you create your cluster:

    • Configure a cluster-admin user and optionally define a custom password.
    • Configure the root disk size for the default machine pool.
  • Red Hat OpenShift Service on AWS classic architecture cluster node limit update. Red Hat OpenShift Service on AWS classic architecture clusters versions 4.14.14 and greater can now scale to 249 worker nodes. This is an increase from the previous limit of 180 nodes.
  • Red Hat SRE log-based alerting endpoints have been updated. Red Hat OpenShift Service on AWS classic architecture customers who are using a firewall to control egress traffic can now remove all references to *.osdsecuritylogs.splunkcloud.com:9997 from your firewall allowlist. Red Hat OpenShift Service on AWS classic architecture clusters still require the http-inputs-osdsecuritylogs.splunkcloud.com:443 log-based alerting endpoint to be accessible from the cluster.

1.1.5. Q4 2024
Copy link

  • Learning tutorials for Red Hat OpenShift Service on AWS classic architecture cluster and application deployment. You can now use the Getting started with Red Hat OpenShift Service on AWS classic architecture tutorials to quickly deploy a Red Hat OpenShift Service on AWS classic architecture cluster for demo or learning purposes. You can also use the Deploying an application tutorials to deploy an application on your demo cluster.
  • Create a VPC using the ROSA CLI. The rosa create network command lets you use the ROSA CLI to create a VPC for your cluster based on an AWS CloudFormation template. You can use this command to create and configure a VPC before creating your cluster. For more information, see create network.
  • ROSA CLI update. The ROSA CLI (rosa) was updated to a new version. For information about what has changed in this release, see the ROSA CLI release notes. For more information about the ROSA CLI (rosa), see About the ROSA CLI.

1.1.6. Q3 2024
Copy link

  • ROSA CLI update. The ROSA CLI (rosa) was updated to a new version. For information about what has changed in this release, see the ROSA CLI release notes. For more information about the ROSA CLI (rosa), see About the ROSA CLI.

1.1.7. Q2 2024
Copy link

  • ROSA CLI update. The ROSA CLI (rosa) was updated to a new version. For information about what has changed in this release, see the ROSA CLI release notes. For more information about the ROSA CLI (rosa), see About the ROSA CLI.

  • Approved Access for Red Hat OpenShift Service on AWS classic architecture clusters. Red Hat Site Reliability Engineering (SRE) managing and proactively supporting ROSA Clusters will typically not require elevated access to customer clusters as part of the normal operations. In the unlikely event should Red Hat SRE (Site Reliability Engineer) need elevated access, the Approved Access functionality provides an interface for customers to review and approve or deny access requests.

    Elevated access requests to ROSA clusters and the corresponding cloud accounts can be created by Red Hat SRE either in response to a customer-initiated support ticket or in response to alerts received by a Red Hat SRE, as part of the standard incident response process. For more information, see Approved Access.

  • rosa command enhancement. The rosa describe command has a new optional argument, --get-role-policy-bindings. This new argument allows users to view the policies attached to STS roles assigned to the selected cluster. For more information, see describe cluster.
  • Expanded customer-managed policy capabilities. You can now attach customer-managed policies to the IAM roles required to run Red Hat OpenShift Service on AWS classic architecture clusters. Furthermore, these customer-managed policies, including the permissions attached to those policies, are not modified during cluster or role upgrades. For more information, see Customer-managed policies.
  • Permission boundaries for the installer role policy. You can apply a policy as a permissions boundary on the Red Hat OpenShift Service on AWS classic architecture installer role. The combination of policy and boundary policy limits the maximum permissions for the Amazon Web Services(AWS) Identity and Access Management (IAM) entity role. Red Hat OpenShift Service on AWS classic architecture includes a set of three prepared permission boundary policy files, with which you can restrict permissions for the installer role since changing the installer policy itself is not supported. For more information, see Permission boundaries for the installer role.
  • Cluster delete protection. You can now enable the cluster delete protection option, which helps to prevent you from accidentally deleting a cluster. For more information on using the cluster delete protection option with the ROSA CLI, see edit cluster. For more information on using the cluster delete protection option in the UI, see Creating a cluster with the default options using OpenShift Cluster Manager.
  • Longer cluster names enhancement. You can now specify a cluster name that is longer than 15 characters. For cluster names that are longer than 15 characters, you can customize the domain prefix for the cluster URL by using the domain-prefix flag in the ROSA CLI (rosa) or by selecting the Create custom domain prefix checkbox in the Red Hat Hybrid Cloud Console. For more information, see create cluster in Managing objects with the ROSA CLI.
  • Node management improvements. Now, you can perform specific tasks to make clusters more efficient. You can cordon, uncordon, and drain a specific node. For more information, see Working with nodes.

1.1.8. Q1 2024
Copy link

  • ROSA CLI update. The ROSA CLI (rosa) was updated to a new version. For information about what has changed in this release, see the ROSA CLI release notes. For more information about the ROSA CLI (rosa), see About the ROSA CLI.
  • Log linking is enabled by default. Beginning with Red Hat OpenShift Service on AWS classic architecture 4.15, log linking is enabled by default. Log linking gives you access to the container logs for your pods.
  • Availability zone update. You can now optionally select a single availability zone (AZ) for machine pools when you have a multi-AZ cluster. For more information, see Creating a machine pool using the ROSA CLI.
  • Log linking is enabled by default - Beginning with Red Hat OpenShift Service on AWS classic architecture 4.15, log linking is enabled by default. Log linking gives you access to the container logs for your pods.
  • Delete cluster command enhancement. With the release of ROSA CLI (rosa) version 1.2.31, the --best-effort argument was added, which allows you to force-delete clusters when using the rosa delete cluster command. For more information, see delete cluster.

1.1.9. Q4 2023
Copy link

  • ROSA CLI update. The ROSA CLI (rosa) was updated to a new version. For information about what has changed in this release, see the ROSA CLI release notes. For more information about the ROSA CLI (rosa), see About the ROSA CLI.
  • Delete cluster command enhancement. With the release of ROSA CLI (rosa) version 1.2.31, the --best-effort argument was added, which allows you to force-delete clusters when using the rosa delete cluster command. For more information, see delete cluster.
  • Configurable process identifier (PID) limits. With the release of ROSA CLI (rosa) version 1.2.31, administrators can use the rosa create kubeletconfig and rosa edit kubeletconfig commands to set the maximum PIDs for an existing cluster. For more information, see Changing the maximum number of process IDs per pod (podPidsLimit) for ROSA.
  • Configure custom security groups. With the release of ROSA CLI (rosa) version 1.2.31, administrators can use the rosa create command or the OpenShift Cluster Manager to create a new cluster or a new machine pool with up to 5 additional custom security groups. Configuring custom security groups gives administrators greater control over resource access in new clusters and machine pools. For more information, see Security groups.
  • Command update. With the release of ROSA CLI (rosa) version 1.2.28, a new command, rosa describe machinepool, was added that allows you to check detailed information regarding a specific ROSA cluster machine pool. For more information, see describe machinepool.
  • Documentation update. The Operators section was added to the ROSA documentation. Operators are the preferred method of packaging, deploying, and managing services on the control plane. For more information, see Operators overview.
  • OpenShift Virtualization support. The release of OpenShift Virtualization 4.14 added support for running OpenShift Virtualization on Red Hat OpenShift Service on AWS classic architecture clusters. For more information, see OpenShift Virtualization on AWS bare metal in the OpenShift Container Platform documentation.

1.1.10. Q3 2023
Copy link

  • ROSA CLI update. The ROSA CLI (rosa) was updated to a new version. For information about what has changed in this release, see the ROSA CLI release notes. For more information about the ROSA CLI (rosa), see About the ROSA CLI.
  • Cluster autoscaling. You can now enable cluster autoscaling using ROSA clusters. Cluster autoscaling automatically adjusts the size of a cluster so that all pods have a place to run, and there are no unneeded nodes. You can enable autoscaling during and after cluster creation using either OpenShift Cluster Manager or the ROSA CLI (rosa). For more information, see Cluster autoscaling.
  • Shared virtual private clouds. Red Hat OpenShift Service on AWS classic architecture now supports installing clusters into VPCs shared among AWS accounts that are part of AWS organizations. AWS account installing Red Hat OpenShift Service on AWS (classic architecture) clusters can now use shared subnets owned by a management account. For more information, see Configuring a shared virtual private cloud for Red Hat OpenShift Service on AWS classic architecture clusters.
  • Machine pool disk volume size. You can now configure your machine pool disk volume size for additional flexibility. You can select your own sizing for the disk volumes of their worker machine pool nodes. For more information, see Configuring machine pool disk volume.
  • Machine pool update. You can now add taints to the machine pool that is automatically generated during cluster creation. You can also delete this machine pool. This new feature provides more flexibility and cost-effectiveness for cluster administrators, specifically in regards to scaling infrastructure based on changing resource requirements. For more information, see Creating a machine pool.
  • Red Hat OpenShift Service on AWS classic architecture regions added. Red Hat OpenShift Service on AWS classic architecture is now available in the following regions:
  • Documentation update. The CLI Tools section was added to the ROSA documentation and includes more detailed information to help you fully use all of the supported CLI tools. The ROSA CLI section can now be found nested inside the CLI Tools heading. For more information, see CLI tools overview.
  • Documentation update. The Monitoring section in the documentation was expanded and now includes more detailed information to help you conveniently manage your ROSA clusters. For more information, see About Red Hat OpenShift Service on AWS classic architecture monitoring.

1.1.11. Q2 2023
Copy link

  • ROSA CLI update. The ROSA CLI (rosa) was updated to a new version. For information about what has changed in this release, see the ROSA CLI release notes. For more information about the ROSA CLI (rosa), see About the ROSA CLI.
  • Red Hat OpenShift Service on AWS classic architecture region added. Red Hat OpenShift Service on AWS classic architecture is now available in the United Arab Emirates (me-central-1) region. For more information on region availability, see Regions and availability zones.

1.1.12. Q1 2023
Copy link

  • OIDC provider endpoint URL update. Starting with ROSA CLI version 1.2.7, all new cluster OIDC provider endpoint URLs are no longer regional. Amazon CloudFront is part of this implementation to improve access speed, reduce latency, and improve resiliency. This change is only available for new clusters created with ROSA CLI 1.2.7 or later. There are no supported migration paths for existing OIDC provider configurations.

1.2. Known issues
Copy link

  • The OpenShift Cluster Manager roles (ocm-role) and user roles (user-role) that are key to the Red Hat OpenShift Service on AWS classic architecture provisioning wizard might get enabled accidentally in your Red Hat organization by another user. However, this behavior does not affect the usability.
  • The htpasswd identity provider does not function as expected in all scenarios against the rosa create admin function.

1.3. Updating the ROSA CLI tool
Copy link

To use the latest version of the Red Hat OpenShift Service on AWS classic architecture (ROSA) CLI, rosa, download the ROSA CLI (rosa) from the Hybrid Cloud Console. If you already have this tool, the procedure is the same for updates.

Procedure

  1. Download the file from the Hybrid Cloud Console.
  2. Unzip the downloaded file.

  3. Move the file to the /usr/bin/rosa directory by running the following command: 

    $ sudo mv rosa /usr/bin/rosa
    Copy to Clipboard Toggle word wrap

  4. Confirm your version by running the following command: 

    $ rosa version
    Copy to Clipboard Toggle word wrap

    Example output

    <version>
Your ROSA CLI is up to date.
    Copy to Clipboard Toggle word wrap

1.4. Deprecated and removed features
Copy link

Some features available in previous releases have been deprecated or removed. Deprecated functionality is still included in Red Hat OpenShift Service on AWS classic architecture and continues to be supported; however, it will be removed in a future release of this product and is not recommended for new deployments.

  • ROSA non-STS deployment mode. ROSA non-STS deployment mode is no longer the preferred method for new clusters. Instead, users must deploy ROSA with the STS mode. This deprecation is in line with our new ROSA provisioning wizard UI experience on the Red Hat Hybrid Cloud Console.
  • Label removal on core namespaces. Red Hat OpenShift Service on AWS classic architecture is no longer labeling OpenShift core using the name label. Customers should migrate to referencing the kubernetes.io/metadata.name label if needed for Network Policies or other use cases.
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat