From b1d72f22ec18dc745649fcc43d7bdcf94e789899 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 13:10:13 +0200
Subject: [PATCH 01/49] Added ADR for the provisioning functionality in KIM

---
 .../assets/keb-kim-target-arch.drawio.svg     |   4 +
 .../assets/runtime-examples/aws-freemium.yaml |  66 ++++++
 .../assets/runtime-examples/aws-minimal.yaml  |  64 ++++++
 .../assets/runtime-examples/aws-trial.yaml    |  57 +++++
 docs/adrs/assets/runtime-examples/aws.yaml    |  92 ++++++++
 .../runtime-examples/azure-fremium.yaml       |  57 +++++
 .../assets/runtime-examples/azure-lite.yaml   |  71 ++++++
 docs/adrs/assets/runtime-examples/azure.yaml  |  91 ++++++++
 docs/adrs/assets/runtime-examples/gcp.yaml    |  91 ++++++++
 .../runtime-examples/sap-converged-cloud.yaml |  87 +++++++
 docs/adrs/provisioning.md                     | 214 ++++++++++++++++++
 11 files changed, 894 insertions(+)
 create mode 100644 docs/adrs/assets/keb-kim-target-arch.drawio.svg
 create mode 100644 docs/adrs/assets/runtime-examples/aws-freemium.yaml
 create mode 100644 docs/adrs/assets/runtime-examples/aws-minimal.yaml
 create mode 100644 docs/adrs/assets/runtime-examples/aws-trial.yaml
 create mode 100644 docs/adrs/assets/runtime-examples/aws.yaml
 create mode 100644 docs/adrs/assets/runtime-examples/azure-fremium.yaml
 create mode 100644 docs/adrs/assets/runtime-examples/azure-lite.yaml
 create mode 100644 docs/adrs/assets/runtime-examples/azure.yaml
 create mode 100644 docs/adrs/assets/runtime-examples/gcp.yaml
 create mode 100644 docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
 create mode 100644 docs/adrs/provisioning.md

diff --git a/docs/adrs/assets/keb-kim-target-arch.drawio.svg b/docs/adrs/assets/keb-kim-target-arch.drawio.svg
new file mode 100644
index 00000000..6f6a3887
--- /dev/null
+++ b/docs/adrs/assets/keb-kim-target-arch.drawio.svg
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Do not edit this file with editors other than draw.io -->
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="822px" height="721px" viewBox="-0.5 -0.5 822 721" content="&lt;mxfile host=&quot;app.diagrams.net&quot; modified=&quot;2024-04-24T09:57:06.901Z&quot; agent=&quot;Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36&quot; etag=&quot;idLHjtmgS96FVphwHZih&quot; scale=&quot;1&quot; border=&quot;0&quot; version=&quot;24.2.8&quot; type=&quot;device&quot;&gt;&#10;  &lt;diagram name=&quot;Page-1&quot; id=&quot;0ahoYHhgpX2lhLgWHN-l&quot;&gt;&#10;    &lt;mxGraphModel dx=&quot;1217&quot; dy=&quot;581&quot; grid=&quot;1&quot; gridSize=&quot;10&quot; guides=&quot;1&quot; tooltips=&quot;1&quot; connect=&quot;1&quot; arrows=&quot;1&quot; fold=&quot;1&quot; page=&quot;1&quot; pageScale=&quot;1&quot; pageWidth=&quot;850&quot; pageHeight=&quot;1100&quot; math=&quot;0&quot; shadow=&quot;0&quot;&gt;&#10;      &lt;root&gt;&#10;        &lt;mxCell id=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;1&quot; parent=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot; value=&quot;&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;dashed=1&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;141&quot; y=&quot;150&quot; width=&quot;690&quot; height=&quot;720&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;2&quot; value=&quot;Kyma Environment Broker&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;170&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;3&quot; value=&quot;BTP&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;10&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;4&quot; value=&quot;Kyma Infrastructure Manager&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;510&quot; y=&quot;360&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;5&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;3&quot; target=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;130&quot; y=&quot;460&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;180&quot; y=&quot;410&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;320&quot; y=&quot;290&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;340&quot; y=&quot;310&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;8&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; target=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;520&quot; y=&quot;310&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;670&quot; y=&quot;240&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;582&quot; y=&quot;310&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;9&quot; value=&quot;Gardener&quot; style=&quot;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;750&quot; y=&quot;350&quot; width=&quot;80&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;10&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;660&quot; y=&quot;380&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;710&quot; y=&quot;330&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;12&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;700&quot; y=&quot;570&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;570&quot; y=&quot;490&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;13&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;290&quot; y=&quot;380&quot; width=&quot;90&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;14&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;600&quot; y=&quot;460&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;15&quot; value=&quot;1&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;310&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;16&quot; value=&quot;2&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;590&quot; y=&quot;290&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;17&quot; value=&quot;3&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;660&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;18&quot; value=&quot;Start provisioning&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;540&quot; y=&quot;260&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;19&quot; value=&quot;Create shoot CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;620&quot; y=&quot;310&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;20&quot; style=&quot;edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;&quot; parent=&quot;1&quot; source=&quot;17&quot; target=&quot;17&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry relative=&quot;1&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;21&quot; value=&quot;4&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;610&quot; y=&quot;427&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;22&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;420&quot; y=&quot;530&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;470&quot; y=&quot;480&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;390&quot; /&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;590&quot; /&gt;&#10;              &lt;mxPoint x=&quot;800&quot; y=&quot;590&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;23&quot; value=&quot;5&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;379&quot; y=&quot;440&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;24&quot; value=&quot;Fetch kubeconfig&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;369&quot; y=&quot;480&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-25&quot; value=&quot;GardenerCluster CRD&amp;amp;nbsp;contains details of the cluster&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;370&quot; y=&quot;190&quot; width=&quot;120&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-26&quot; value=&quot;GardenerClusterKubeconfig&amp;amp;nbsp;CRD contains details for fetching kubeconfig. &amp;lt;b&amp;gt;Mind currently GardenerCluster is used for that&amp;amp;nbsp;&amp;lt;/b&amp;gt;&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;515&quot; y=&quot;620&quot; width=&quot;190&quot; height=&quot;200&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-32&quot; value=&quot;Kyma Control Plane&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;640&quot; y=&quot;160&quot; width=&quot;170&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-24&quot; value=&quot;GardenerClusterKubeconfig CR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;485&quot; y=&quot;490&quot; width=&quot;170&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-25&quot; value=&quot;GardenerClusterCR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;340&quot; y=&quot;280&quot; width=&quot;180&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;      &lt;/root&gt;&#10;    &lt;/mxGraphModel&gt;&#10;  &lt;/diagram&gt;&#10;&lt;/mxfile&gt;&#10;"><defs/><g><g><rect x="131" y="0" width="690" height="720" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="740" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 741px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="780" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 720.5 235 L 720.5 224.5 L 739.5 240 L 720.5 255.5 L 720.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 785 435 L 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54 L 795 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerCluster CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerCluster CRD...</text></switch></g></g><g><path d="M 505 470 L 695 470 L 695 640 Q 647.5 586 600 640 Q 552.5 694 505 640 L 505 500 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 540px; margin-left: 506px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerClusterKubeconfig CRD contains details for fetching kubeconfig. <b>Mind currently GardenerCluster is used for that </b></div></div></div></foreignObject><text x="600" y="544" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerClusterKubeconfig CRD c...</text></switch></g></g><g><rect x="630" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 631px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="715" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerClusterKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerClusterKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerClusterCR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerClusterCR</text></switch></g></g></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg>
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/aws-freemium.yaml b/docs/adrs/assets/runtime-examples/aws-freemium.yaml
new file mode 100644
index 00000000..c353b39c
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/aws-freemium.yaml
@@ -0,0 +1,66 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+  name: runtime-id
+  namespace: kcp-system
+spec:
+  shoot:
+    # Set by KEB, required
+    name: shoot-name
+    # Set by KEB, required
+    purpose: trial
+    kubernetes:
+      kubeAPIServer:
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        oidcConfig:
+          clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+          groupsClaim: groups
+          issuerURL: https://my.cool.tokens.com
+          signingAlgs:
+            - RS256
+          usernameClaim: sub
+    provider:
+      ## Provided by the KEB, required
+      type: aws
+      ## Provided by the KEB, required
+      region: eu-central-1
+      # Provided by the KEB, required.
+      # We must consider whether it makes sense to move HAP into KIM
+      secretBindingName: "hypersaler secret"
+    workers:
+      - machine:
+          # Set by KEB, required
+          type: m5.xlarge
+          # Optional, when not provider default will be used
+          # Will be modified by the SRE
+          image:
+            name: gardenlinux
+            version: 1312.3.0
+        # Provided by the KEB, required for the first release
+        # Finally can be moved into KIM, as it is hardcoded in KEB
+        volume:
+          type: gp2
+          size: 50Gi
+        # Provided by the KEB, required
+        zones:
+          - eu-central-1a
+        # Optional, if not provided default will be used
+        name: cpu-worker-0
+        # Provided by the KEB, required
+        minimum: 1
+        # Provided by the KEB, required
+        maximum: 1
+        # Provided by the KEB, required in the first release.
+        # It can be optional removed in the future, as it equals to zone count
+        maxSurge: 1
+        # Provided by the KEB, required in the first release.
+        maxUnavailable:  0
+  security:
+    networking:
+      filter:
+        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        egress:
+          enabled: false
+    # Provided by the KEB, required
+    administrators:
+      - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/aws-minimal.yaml b/docs/adrs/assets/runtime-examples/aws-minimal.yaml
new file mode 100644
index 00000000..a148d4e1
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/aws-minimal.yaml
@@ -0,0 +1,64 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+  name: runtime-id
+  namespace: kcp-system
+spec:
+  shoot:
+    # spec.shoot.name is set by the KEB, required
+    name: shoot-name
+    # spec.shoot.purpose is set by the KEB, required
+    purpose: production
+    kubernetes:
+      kubeAPIServer:
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        oidcConfig:
+          clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+          groupsClaim: groups
+          issuerURL: https://my.cool.tokens.com
+          signingAlgs:
+            - RS256
+          usernameClaim: sub
+    provider:
+      type: aws
+      region: eu-central-1
+      # We must consider whether it makes sense to move HAP into KIM
+      secretBindingName: "hypersaler secret"
+    # spec.shoot.Networking is Provided by the KEB, required
+    networking:
+      pods: 100.64.0.0/12
+      nodes: 10.250.0.0/16
+      services: 100.104.0.0/13
+    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    controlPlane:
+      highAvailability:
+        failureTolerance:
+          type: node
+    workers:
+      - machine:
+          # spec.shoot.workers.machine.type provided by the KEB, required
+          type: m6i.large
+        # spec.shoot.workers.zones is provided by the KEB, required
+        zones:
+          - eu-central-1a
+          - eu-central-1b
+          - eu-central-1c
+        # spec.shoot.workers.minimum is provided by the KEB, required
+        minimum: 3
+        # spec.shoot.workers.maximum is provided by the KEB, required
+        maximum: 20
+        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it equals to zone count
+        maxSurge: 3
+        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it is always set to 0
+        maxUnavailable:  0
+  security:
+    networking:
+      filter:
+        # spec.security.networking is provided by the KEB, required
+        egress:
+          enabled: false
+    # spec.security.administrators is provided by the KEB, required
+    administrators:
+      - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/aws-trial.yaml b/docs/adrs/assets/runtime-examples/aws-trial.yaml
new file mode 100644
index 00000000..16115add
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/aws-trial.yaml
@@ -0,0 +1,57 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+  name: runtime-id
+  namespace: kcp-system
+spec:
+  shoot:
+    # spec.shoot.name is set by the KEB, required
+    name: shoot-name
+    # spec.shoot.purpose is set by the KEB, required
+    purpose: evaluation
+    kubernetes:
+      kubeAPIServer:
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        oidcConfig:
+          clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+          groupsClaim: groups
+          issuerURL: https://my.cool.tokens.com
+          signingAlgs:
+            - RS256
+          usernameClaim: sub
+    provider:
+      type: aws
+      region: eu-central-1
+      # We must consider whether it makes sense to move HAP into KIM
+      secretBindingName: "hypersaler secret"
+    # spec.shoot.Networking is Provided by the KEB, required
+    networking:
+      pods: 10.96.0.0/13
+      nodes: 10.250.0.0/22
+      services: 10.104.0.0/13
+    workers:
+      - machine:
+          # spec.shoot.workers.machine.type provided by the KEB, required
+          type: mx5.large
+        # spec.shoot.workers.zones is provided by the KEB, required
+        zones:
+          - eu-central-1a
+        # spec.shoot.workers.minimum is provided by the KEB, required
+        minimum: 1
+        # spec.shoot.workers.maximum is provided by the KEB, required
+        maximum: 1
+        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it equals to zone count
+        maxSurge: 1
+        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it is always set to 0
+        maxUnavailable:  0
+  security:
+    networking:
+      filter:
+        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        egress:
+          enabled: false
+    # spec.security.administrators is provided by the KEB, required
+    administrators:
+      - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/aws.yaml b/docs/adrs/assets/runtime-examples/aws.yaml
new file mode 100644
index 00000000..39207214
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/aws.yaml
@@ -0,0 +1,92 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+  name: runtime-id
+  namespace: kcp-system
+spec:
+  shoot:
+    # spec.shoot.name is set by the KEB, required
+    name: shoot-name
+    # spec.shoot.purpose is set by the KEB, required
+    purpose: production
+    # Will be modified by the SRE
+    kubernetes:
+      # spec.shoot.kubernetes.version is optional, when not provided default will be used
+      version: "1.28.7"
+      kubeAPIServer:
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        oidcConfig:
+          clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+          groupsClaim: groups
+          issuerURL: https://my.cool.tokens.com
+          signingAlgs:
+          - RS256
+          usernameClaim: sub
+        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+        additionalOidcConfig:
+          - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+            groupsClaim: groups
+            issuerURL: https://some.others.tokens.com
+            signingAlgs:
+              - RS256
+            usernameClaim: sub
+            usernamePrefix: 'someother'
+    ## spec.shoot.provider is provided by the KEB, required
+    provider:
+      type: aws
+      region: eu-central-1
+      # We must consider whether it makes sense to move HAP into KIM
+      secretBindingName: "hypersaler secret"
+    # spec.shoot.Networking is Provided by the KEB, required
+    networking:
+      pods: 100.64.0.0/12
+      nodes: 10.250.0.0/16
+      services: 100.104.0.0/13
+    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    controlPlane:
+      highAvailability:
+        failureTolerance:
+          type: node
+    workers:
+      - machine:
+          # spec.shoot.workers.machine.type provided by the KEB, required
+          type: m6i.large
+          # spec.shoot.workers.machine.image is optional, when not provider default will be used
+          # Will be modified by the SRE
+          image:
+            name: gardenlinux
+            version: 1312.3.0
+        # spec.shoot.workers.volume is provided by the KEB, required for the first release
+        # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+        volume:
+          type: gp2
+          size: 50Gi
+        # spec.shoot.workers.zones is provided by the KEB, required
+        zones:
+          - eu-central-1a
+          - eu-central-1b
+          - eu-central-1c
+        # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+        name: cpu-worker-0
+        # spec.shoot.workers.minimum is provided by the KEB, required
+        minimum: 3
+        # spec.shoot.workers.maximum is provided by the KEB, required
+        maximum: 20
+        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it equals to zone count
+        maxSurge: 3
+        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it is always set to 0
+        maxUnavailable:  0
+  security:
+    networking:
+      filter:
+        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        egress:
+          enabled: false
+        # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+        ingress:
+          enabled: true
+    # spec.security.administrators is provided by the KEB, required
+    administrators:
+      - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/azure-fremium.yaml b/docs/adrs/assets/runtime-examples/azure-fremium.yaml
new file mode 100644
index 00000000..16115add
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/azure-fremium.yaml
@@ -0,0 +1,57 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+  name: runtime-id
+  namespace: kcp-system
+spec:
+  shoot:
+    # spec.shoot.name is set by the KEB, required
+    name: shoot-name
+    # spec.shoot.purpose is set by the KEB, required
+    purpose: evaluation
+    kubernetes:
+      kubeAPIServer:
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        oidcConfig:
+          clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+          groupsClaim: groups
+          issuerURL: https://my.cool.tokens.com
+          signingAlgs:
+            - RS256
+          usernameClaim: sub
+    provider:
+      type: aws
+      region: eu-central-1
+      # We must consider whether it makes sense to move HAP into KIM
+      secretBindingName: "hypersaler secret"
+    # spec.shoot.Networking is Provided by the KEB, required
+    networking:
+      pods: 10.96.0.0/13
+      nodes: 10.250.0.0/22
+      services: 10.104.0.0/13
+    workers:
+      - machine:
+          # spec.shoot.workers.machine.type provided by the KEB, required
+          type: mx5.large
+        # spec.shoot.workers.zones is provided by the KEB, required
+        zones:
+          - eu-central-1a
+        # spec.shoot.workers.minimum is provided by the KEB, required
+        minimum: 1
+        # spec.shoot.workers.maximum is provided by the KEB, required
+        maximum: 1
+        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it equals to zone count
+        maxSurge: 1
+        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it is always set to 0
+        maxUnavailable:  0
+  security:
+    networking:
+      filter:
+        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        egress:
+          enabled: false
+    # spec.security.administrators is provided by the KEB, required
+    administrators:
+      - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/azure-lite.yaml b/docs/adrs/assets/runtime-examples/azure-lite.yaml
new file mode 100644
index 00000000..91f6c2f2
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/azure-lite.yaml
@@ -0,0 +1,71 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+  name: runtime-id
+  namespace: kcp-system
+spec:
+  shoot:
+    # spec.shoot.name is set by the KEB, required
+    name: shoot-name
+    # spec.shoot.purpose is set by the KEB, required
+    purpose: production
+    kubernetes:
+      kubeAPIServer:
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        oidcConfig:
+          clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+          groupsClaim: groups
+          issuerURL: https://my.cool.tokens.com
+          signingAlgs:
+          - RS256
+        usernameClaim: sub
+    ## spec.shoot.provider is provided by the KEB, required
+    provider:
+      type: aws
+      region: eastus
+      # We must consider whether it makes sense to move HAP into KIM
+      secretBindingName: "hypersaler secret"
+    # spec.shoot.Networking is Provided by the KEB, required
+    networking:
+      pods: 10.96.0.0/13
+      nodes: 10.250.0.0/22
+      services: 10.104.0.0/13
+    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    workers:
+      - machine:
+          # spec.shoot.workers.machine.type provided by the KEB, required
+          type: Standard_D4s_v5
+          # spec.shoot.workers.machine.image is optional, when not provider default will be used
+          # Will be modified by the SRE
+          image:
+            name: gardenlinux
+            version: 1312.3.0
+        # spec.shoot.workers.volume is provided by the KEB, required for the first release
+        # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+        volume:
+          type: Standard_LRS
+          size: 50Gi
+        # spec.shoot.workers.zones is provided by the KEB, required
+        zones:
+          - eastus1
+        # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+        name: cpu-worker-0
+        # spec.shoot.workers.minimum is provided by the KEB, required
+        minimum: 2
+        # spec.shoot.workers.maximum is provided by the KEB, required
+        maximum: 10
+        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it equals to zone count
+        maxSurge: 1
+        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it is always set to 0
+        maxUnavailable:  0
+  security:
+    networking:
+      filter:
+        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        egress:
+          enabled: false
+    # spec.security.administrators is provided by the KEB, required
+    administrators:
+      - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/azure.yaml b/docs/adrs/assets/runtime-examples/azure.yaml
new file mode 100644
index 00000000..67883bd8
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/azure.yaml
@@ -0,0 +1,91 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+  name: runtime-id
+  namespace: kcp-system
+spec:
+  shoot:
+    # spec.shoot.name is set by the KEB, required
+    name: shoot-name
+    # spec.shoot.purpose is set by the KEB, required
+    purpose: production
+    kubernetes:
+      # spec.shoot.kubernetes.version is optional, when not provided default will be used
+      version: "1.28.7"
+      kubeAPIServer:
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        oidcConfig:
+          clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+          groupsClaim: groups
+          issuerURL: https://my.cool.tokens.com
+          signingAlgs:
+            - RS256
+          usernameClaim: sub
+        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+        additionalOidcConfig:
+          - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+            groupsClaim: groups
+            issuerURL: https://some.others.tokens.com
+            signingAlgs:
+              - RS256
+            usernameClaim: sub
+            usernamePrefix: 'someother'
+    ## spec.shoot.provider is provided by the KEB, required
+    provider:
+      type: aws
+      region: eastus
+      # We must consider whether it makes sense to move HAP into KIM
+      secretBindingName: "hypersaler secret"
+    # spec.shoot.Networking is Provided by the KEB, required
+    networking:
+      pods: 10.96.0.0/13
+      nodes: 10.250.0.0/22
+      services: 10.104.0.0/13
+    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    controlPlane:
+      highAvailability:
+        failureTolerance:
+          type: node
+    workers:
+      - machine:
+          # spec.shoot.workers.machine.type provided by the KEB, required
+          type: Standard_D2s_v5
+          # spec.shoot.workers.machine.image is optional, when not provider default will be used
+          # Will be modified by the SRE
+          image:
+            name: gardenlinux
+            version: 1312.3.0
+        # spec.shoot.workers.volume is provided by the KEB, required for the first release
+        # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+        volume:
+          type: Standard_LRS
+          size: 50Gi
+        # spec.shoot.workers.zones is provided by the KEB, required
+        zones:
+          - eastus1
+          - eastus2
+          - eastus3
+        # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+        name: cpu-worker-0
+        # spec.shoot.workers.minimum is provided by the KEB, required
+        minimum: 3
+        # spec.shoot.workers.maximum is provided by the KEB, required
+        maximum: 20
+        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it equals to zone count
+        maxSurge: 3
+        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it is always set to 0
+        maxUnavailable:  0
+  security:
+    networking:
+      filter:
+        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        egress:
+          enabled: false
+        # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+        ingress:
+          enabled: true
+    # spec.security.administrators is provided by the KEB, required
+    administrators:
+      - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/gcp.yaml b/docs/adrs/assets/runtime-examples/gcp.yaml
new file mode 100644
index 00000000..c1c6c3d8
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/gcp.yaml
@@ -0,0 +1,91 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+  name: runtime-id
+  namespace: kcp-system
+spec:
+  shoot:
+    # spec.shoot.name is set by the KEB, required
+    name: shoot-name
+    # spec.shoot.purpose is set by the KEB, required
+    purpose: production
+    kubernetes:
+      # spec.shoot.kubernetes.version is optional, when not provided default will be used
+      version: "1.28.7"
+      kubeAPIServer:
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        oidcConfig:
+          clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+          groupsClaim: groups
+          issuerURL: https://my.cool.tokens.com
+          signingAlgs:
+            - RS256
+          usernameClaim: sub
+        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+        additionalOidcConfig:
+          - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+            groupsClaim: groups
+            issuerURL: https://some.others.tokens.com
+            signingAlgs:
+              - RS256
+            usernameClaim: sub
+            usernamePrefix: 'someother'
+    ## spec.shoot.provider is provided by the KEB, required
+    provider:
+      type: aws
+      region: europe-west3
+      # We must consider whether it makes sense to move HAP into KIM
+      secretBindingName: "hypersaler secret"
+    # spec.shoot.Networking is Provided by the KEB, required
+    networking:
+      pods: 10.96.0.0/13
+      nodes: 10.250.0.0/22
+      services: 10.104.0.0/13
+    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    controlPlane:
+      highAvailability:
+        failureTolerance:
+          type: node
+    workers:
+      - machine:
+          # spec.shoot.workers.machine.type provided by the KEB, required
+          type: n2-standard-2
+          # spec.shoot.workers.machine.image is optional, when not provider default will be used
+          # Will be modified by the SRE
+          image:
+            name: gardenlinux
+            version: 1312.3.0
+        # spec.shoot.workers.volume is provided by the KEB, required for the first release
+        # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+        volume:
+          type: pd-standard
+          size: 50Gi
+        # spec.shoot.workers.zones is provided by the KEB, required
+        zones:
+          - europe-west3a
+          - europe-west3b
+          - europe-west3c
+        # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+        name: cpu-worker-0
+        # spec.shoot.workers.minimum is provided by the KEB, required
+        minimum: 3
+        # spec.shoot.workers.maximum is provided by the KEB, required
+        maximum: 20
+        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it equals to zone count
+        maxSurge: 3
+        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it is always set to 0
+        maxUnavailable:  0
+  security:
+    networking:
+      filter:
+        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        egress:
+          enabled: false
+        # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+        ingress:
+          enabled: true
+    # spec.security.administrators is provided by the KEB, required
+    administrators:
+      - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
new file mode 100644
index 00000000..d8a37668
--- /dev/null
+++ b/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
@@ -0,0 +1,87 @@
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+  name: runtime-id
+  namespace: kcp-system
+spec:
+  shoot:
+    # spec.shoot.name is set by the KEB, required
+    name: shoot-name
+    # spec.shoot.purpose is set by the KEB, required
+    purpose: production
+    kubernetes:
+      # spec.shoot.kubernetes.version is optional, when not provided default will be used
+      version: "1.28.7"
+      kubeAPIServer:
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        oidcConfig:
+          clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+          groupsClaim: groups
+          issuerURL: https://my.cool.tokens.com
+          signingAlgs:
+            - RS256
+          usernameClaim: sub
+        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+        additionalOidcConfig:
+          - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+            groupsClaim: groups
+            issuerURL: https://some.others.tokens.com
+            signingAlgs:
+              - RS256
+            usernameClaim: sub
+            usernamePrefix: 'someother'
+    ## spec.shoot.provider is provided by the KEB, required
+    provider:
+      type: openstack
+      region: eu-de-1
+      # We must consider whether it makes sense to move HAP into KIM
+      secretBindingName: "hypersaler secret"
+    # spec.shoot.Networking is Provided by the KEB, required
+    networking:
+      pods: 10.96.0.0/13
+      nodes: 10.250.0.0/22
+      services: 10.104.0.0/13
+    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    controlPlane:
+      highAvailability:
+        failureTolerance:
+          type: node
+    workers:
+      - machine:
+          # spec.shoot.workers.machine.type provided by the KEB, required
+          type: g_c2_m8
+          # spec.shoot.workers.machine.image is optional, when not provider default will be used
+          # Will be modified by the SRE
+          image:
+            name: gardenlinux
+            version: 1312.3.0
+        # Note: KEB doesn't specify the volume, Gardener defaults used
+        # spec.shoot.workers.zones is provided by the KEB, required
+        zones:
+          - eu-de-1a
+          - eu-de-1b
+          - eu-de-1d
+        # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+        name: cpu-worker-0
+        # spec.shoot.workers.minimum is provided by the KEB, required
+        minimum: 3
+        # spec.shoot.workers.maximum is provided by the KEB, required
+        maximum: 20
+        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it equals to zone count
+        maxSurge: 3
+        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it is always set to 0
+        maxUnavailable:  0
+  security:
+    networking:
+      filter:
+        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        egress:
+          enabled: false
+        # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+        ingress:
+          enabled: true
+    # spec.security.administrators is provided by the KEB, required
+    administrators:
+      - admin@myorg.com
diff --git a/docs/adrs/provisioning.md b/docs/adrs/provisioning.md
new file mode 100644
index 00000000..eae5230c
--- /dev/null
+++ b/docs/adrs/provisioning.md
@@ -0,0 +1,214 @@
+# Introduction
+This document defines architecture, and API for provisioning functionality.
+
+# Target architecture
+
+The following picture shows the proposed architecture:
+![](./assets/keb-kim-target-arch.drawio.svg)
+
+The following assumptions were taken:
+- KEB is responsible for:
+    - Creating `Runtime` CR containing the following data:
+      - provider config (type, region, and secret with credentials for hyperscaler)
+      - worker pool specification
+      - cluster networking settings (nodes, pods, and services API ranges)
+      - OIDC settings
+      - cluster administrators list
+      - Egress network filter settings
+      - Control Plane failure tolerance
+    - Observing status of the CR to determine whether provisioning succeeded
+- Kyma Infrastructure Manager is responsible for:
+    - creating shoots based on:
+      - corresponding `Runtime` CR properties
+      - predefined defaults for the optional properties:
+        - Kubernetes version
+        - Machine image version
+      - predefined configuration for the following extensions:
+        - DNS 
+        - Certificates
+    - upgrading, and deleting shoots for corresponding `Runtime` CRs
+    - applying audit log configuration on the shoot resource
+    - generating kubeconfig
+
+# API proposal
+
+## CR examples
+
+The example below shows the CR that should be created by the KEB to provision AWS production cluster:
+```ayaml
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+  name: runtime-id
+  namespace: kcp-system
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    operator.kyma-project.io/kyma-name: kymaName
+spec:
+  shoot:
+    # spec.shoot.name is set by the KEB, required
+    name: shoot-name
+    # spec.shoot.purpose is set by the KEB, required
+    purpose: production
+    kubernetes:
+      kubeAPIServer:
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        oidcConfig:
+          clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+          groupsClaim: groups
+          issuerURL: https://my.cool.tokens.com
+          signingAlgs:
+            - RS256
+          usernameClaim: sub
+    provider:
+      type: aws
+      region: eu-central-1
+      # We must consider whether it makes sense to move HAP into KIM
+      secretBindingName: "hypersaler secret"
+    # spec.shoot.Networking is Provided by the KEB, required
+    networking:
+      pods: 100.64.0.0/12
+      nodes: 10.250.0.0/16
+      services: 100.104.0.0/13
+    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    controlPlane:
+      highAvailability:
+        failureTolerance:
+          type: node
+    workers:
+      - machine:
+          # spec.shoot.workers.machine.type provided by the KEB, required
+          type: m6i.large
+        # spec.shoot.workers.zones is provided by the KEB, required
+        zones:
+          - eu-central-1a
+          - eu-central-1b
+          - eu-central-1c
+        # spec.shoot.workers.minimum is provided by the KEB, required
+        minimum: 3
+        # spec.shoot.workers.maximum is provided by the KEB, required
+        maximum: 20
+        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it equals to zone count
+        maxSurge: 3
+        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it is always set to 0
+        maxUnavailable:  0
+  security:
+    # spec.security.administrators is provided by the KEB, required
+    administrators:
+      - admin@myorg.com
+```
+
+There are some additional optional fields (please see [this example](assets/runtime-examples/aws.yaml) that could be specified:
+- `spec.shoot.kubernetes.version` ; if not provided default value will be read by KIM from configuration
+- `spec.shoot.workers.machine.image` ; if not provided default value will be read by KIM from configuration
+- `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no addition OIDC provider will be configured
+- `spec.shoot.workers.name` ; if not provided, some hardcoded name will be used
+- `spec.security.networking.filtering.ingress.enabled` ; if not provided `false` value will be used
+
+Please, see the following examples to understand what CRs need to be created for particular KEB plans:
+- [AWS trial plan](assets/runtime-examples/aws-trial.yaml))
+- [Azure](assets/runtime-examples/azure.yaml)
+- [Azure lite](assets/runtime-examples/azure-lite.yaml)
+- [GCP](assets/runtime-examples/gcp.yaml)
+- [SAP Converge Cloud](assets/runtime-examples/sap-converged-cloud.yaml)
+
+## API structures
+```go
+package v2
+
+import (
+	gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+type Runtime struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   RuntimeSpec   `json:"spec"`
+	Status RuntimeStatus `json:"status,omitempty"`
+}
+
+type RuntimeSpec struct {
+	Shoot    Shoot    `json:"spec"`
+	Security Security `json:"security"`
+}
+
+type Shoot struct {
+	Name       string             `json:"name"`
+	Purpose    string             `json:"purpose"`
+	Kubernetes Kubernetes         `json:"kubernetes"`
+	Provider   Provider           `json:"provider"`
+	Networking Networking         `json:"networking"`
+	Workers    *[]gardener.Worker `json:"workers,omitempty"`
+}
+
+type Provider struct {
+	Type              string `json:"type"`
+	Region            string `json:"region"`
+	SecretBindingName string `json:"secretBindingName"`
+}
+
+type Networking struct {
+	Pods     *string `json:"pods,omitempty"`
+	Nodes    *string `json:"nodes,omitempty"`
+	Services *string `json:"services,omitempty"`
+}
+
+type Kubernetes struct {
+	Version       string     `json:"version"`
+	KubeAPIServer *APIServer `json:"kubeAPIServer,omitempty"`
+}
+
+type APIServer struct {
+	oidcConfig           gardener.OIDCConfig    `json:"oidcConfig"`
+	additionalOidcConfig *[]gardener.OIDCConfig `json:"additionalOidcConfig""`
+}
+
+type Security struct {
+	Administrators []string           `json:"administrators"`
+	Networking     NetworkingSecurity `json:"networking""`
+}
+
+type NetworkingSecurity struct {
+	Filter Filter `json:"filter"`
+}
+
+type Filter struct {
+	Ingress Ingress `json:"ingress"`
+	Egress  Egress  `json:"egress"`
+}
+
+type Ingress struct {
+	Enabled bool `json:"enabled"`
+}
+
+type Egress struct {
+	Enabled bool `json:"enabled"`
+}
+
+type State string
+
+// +kubebuilder:object:root=true
+// RuntimeStatus defines the observed state of Runtime
+type RuntimeStatus struct {
+	// State signifies current state of Runtime.
+	// Value can be one of ("Ready", "Processing", "Error", "Deleting").
+	State State `json:"state,omitempty"`
+
+	// List of status conditions to indicate the status of a ServiceInstance.
+	// +optional
+	// +listType=map
+	// +listMapKey=type
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
+}
+```

From d1e330e90982462984013d07198402872345cbc9 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 13:43:10 +0200
Subject: [PATCH 02/49] Diagram updated

---
 docs/adrs/assets/keb-kim-target-arch.drawio.svg | 2 +-
 docs/adrs/provisioning.md                       | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/docs/adrs/assets/keb-kim-target-arch.drawio.svg b/docs/adrs/assets/keb-kim-target-arch.drawio.svg
index 6f6a3887..2dfd2206 100644
--- a/docs/adrs/assets/keb-kim-target-arch.drawio.svg
+++ b/docs/adrs/assets/keb-kim-target-arch.drawio.svg
@@ -1,4 +1,4 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!-- Do not edit this file with editors other than draw.io -->
 <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="822px" height="721px" viewBox="-0.5 -0.5 822 721" content="&lt;mxfile host=&quot;app.diagrams.net&quot; modified=&quot;2024-04-24T09:57:06.901Z&quot; agent=&quot;Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36&quot; etag=&quot;idLHjtmgS96FVphwHZih&quot; scale=&quot;1&quot; border=&quot;0&quot; version=&quot;24.2.8&quot; type=&quot;device&quot;&gt;&#10;  &lt;diagram name=&quot;Page-1&quot; id=&quot;0ahoYHhgpX2lhLgWHN-l&quot;&gt;&#10;    &lt;mxGraphModel dx=&quot;1217&quot; dy=&quot;581&quot; grid=&quot;1&quot; gridSize=&quot;10&quot; guides=&quot;1&quot; tooltips=&quot;1&quot; connect=&quot;1&quot; arrows=&quot;1&quot; fold=&quot;1&quot; page=&quot;1&quot; pageScale=&quot;1&quot; pageWidth=&quot;850&quot; pageHeight=&quot;1100&quot; math=&quot;0&quot; shadow=&quot;0&quot;&gt;&#10;      &lt;root&gt;&#10;        &lt;mxCell id=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;1&quot; parent=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot; value=&quot;&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;dashed=1&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;141&quot; y=&quot;150&quot; width=&quot;690&quot; height=&quot;720&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;2&quot; value=&quot;Kyma Environment Broker&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;170&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;3&quot; value=&quot;BTP&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;10&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;4&quot; value=&quot;Kyma Infrastructure Manager&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;510&quot; y=&quot;360&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;5&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;3&quot; target=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;130&quot; y=&quot;460&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;180&quot; y=&quot;410&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;320&quot; y=&quot;290&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;340&quot; y=&quot;310&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;8&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; target=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;520&quot; y=&quot;310&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;670&quot; y=&quot;240&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;582&quot; y=&quot;310&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;9&quot; value=&quot;Gardener&quot; style=&quot;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;750&quot; y=&quot;350&quot; width=&quot;80&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;10&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;660&quot; y=&quot;380&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;710&quot; y=&quot;330&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;12&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;700&quot; y=&quot;570&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;570&quot; y=&quot;490&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;13&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;290&quot; y=&quot;380&quot; width=&quot;90&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;14&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;600&quot; y=&quot;460&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;15&quot; value=&quot;1&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;310&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;16&quot; value=&quot;2&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;590&quot; y=&quot;290&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;17&quot; value=&quot;3&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;660&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;18&quot; value=&quot;Start provisioning&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;540&quot; y=&quot;260&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;19&quot; value=&quot;Create shoot CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;620&quot; y=&quot;310&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;20&quot; style=&quot;edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;&quot; parent=&quot;1&quot; source=&quot;17&quot; target=&quot;17&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry relative=&quot;1&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;21&quot; value=&quot;4&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;610&quot; y=&quot;427&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;22&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;420&quot; y=&quot;530&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;470&quot; y=&quot;480&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;390&quot; /&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;590&quot; /&gt;&#10;              &lt;mxPoint x=&quot;800&quot; y=&quot;590&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;23&quot; value=&quot;5&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;379&quot; y=&quot;440&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;24&quot; value=&quot;Fetch kubeconfig&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;369&quot; y=&quot;480&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-25&quot; value=&quot;GardenerCluster CRD&amp;amp;nbsp;contains details of the cluster&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;370&quot; y=&quot;190&quot; width=&quot;120&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-26&quot; value=&quot;GardenerClusterKubeconfig&amp;amp;nbsp;CRD contains details for fetching kubeconfig. &amp;lt;b&amp;gt;Mind currently GardenerCluster is used for that&amp;amp;nbsp;&amp;lt;/b&amp;gt;&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;515&quot; y=&quot;620&quot; width=&quot;190&quot; height=&quot;200&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-32&quot; value=&quot;Kyma Control Plane&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;640&quot; y=&quot;160&quot; width=&quot;170&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-24&quot; value=&quot;GardenerClusterKubeconfig CR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;485&quot; y=&quot;490&quot; width=&quot;170&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-25&quot; value=&quot;GardenerClusterCR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;340&quot; y=&quot;280&quot; width=&quot;180&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;      &lt;/root&gt;&#10;    &lt;/mxGraphModel&gt;&#10;  &lt;/diagram&gt;&#10;&lt;/mxfile&gt;&#10;"><defs/><g><g><rect x="131" y="0" width="690" height="720" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="740" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 741px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="780" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 720.5 235 L 720.5 224.5 L 739.5 240 L 720.5 255.5 L 720.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 785 435 L 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54 L 795 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerCluster CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerCluster CRD...</text></switch></g></g><g><path d="M 505 470 L 695 470 L 695 640 Q 647.5 586 600 640 Q 552.5 694 505 640 L 505 500 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 540px; margin-left: 506px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerClusterKubeconfig CRD contains details for fetching kubeconfig. <b>Mind currently GardenerCluster is used for that </b></div></div></div></foreignObject><text x="600" y="544" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerClusterKubeconfig CRD c...</text></switch></g></g><g><rect x="630" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 631px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="715" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerClusterKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerClusterKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">GardenerClusterCR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">GardenerClusterCR</text></switch></g></g></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="822px" height="721px" viewBox="-0.5 -0.5 822 721" content="&lt;mxfile host=&quot;app.diagrams.net&quot; modified=&quot;2024-05-08T11:28:51.402Z&quot; agent=&quot;Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36&quot; etag=&quot;0IuS16Wp7--JE4fZthXc&quot; scale=&quot;1&quot; border=&quot;0&quot; version=&quot;24.3.1&quot; type=&quot;device&quot;&gt;&#10;  &lt;diagram name=&quot;Page-1&quot; id=&quot;0ahoYHhgpX2lhLgWHN-l&quot;&gt;&#10;    &lt;mxGraphModel dx=&quot;577&quot; dy=&quot;1271&quot; grid=&quot;1&quot; gridSize=&quot;10&quot; guides=&quot;1&quot; tooltips=&quot;1&quot; connect=&quot;1&quot; arrows=&quot;1&quot; fold=&quot;1&quot; page=&quot;1&quot; pageScale=&quot;1&quot; pageWidth=&quot;850&quot; pageHeight=&quot;1100&quot; math=&quot;0&quot; shadow=&quot;0&quot;&gt;&#10;      &lt;root&gt;&#10;        &lt;mxCell id=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;1&quot; parent=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot; value=&quot;&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;dashed=1&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;141&quot; y=&quot;150&quot; width=&quot;690&quot; height=&quot;720&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;2&quot; value=&quot;Kyma Environment Broker&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;170&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;3&quot; value=&quot;BTP&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;10&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;4&quot; value=&quot;Kyma Infrastructure Manager&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;510&quot; y=&quot;360&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;5&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;3&quot; target=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;130&quot; y=&quot;460&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;180&quot; y=&quot;410&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;320&quot; y=&quot;290&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;340&quot; y=&quot;310&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;8&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; target=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;520&quot; y=&quot;310&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;670&quot; y=&quot;240&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;582&quot; y=&quot;310&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;9&quot; value=&quot;Gardener&quot; style=&quot;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;750&quot; y=&quot;350&quot; width=&quot;80&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;10&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;660&quot; y=&quot;380&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;710&quot; y=&quot;330&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;12&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;700&quot; y=&quot;570&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;570&quot; y=&quot;490&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;13&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;290&quot; y=&quot;380&quot; width=&quot;90&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;14&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;600&quot; y=&quot;460&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;15&quot; value=&quot;1&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;310&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;16&quot; value=&quot;2&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;590&quot; y=&quot;290&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;17&quot; value=&quot;3&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;660&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;18&quot; value=&quot;Start provisioning&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;540&quot; y=&quot;260&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;19&quot; value=&quot;Create shoot CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;620&quot; y=&quot;310&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;20&quot; style=&quot;edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;&quot; parent=&quot;1&quot; source=&quot;17&quot; target=&quot;17&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry relative=&quot;1&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;21&quot; value=&quot;4&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;610&quot; y=&quot;427&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;22&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;420&quot; y=&quot;530&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;470&quot; y=&quot;480&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;390&quot; /&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;590&quot; /&gt;&#10;              &lt;mxPoint x=&quot;800&quot; y=&quot;590&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;23&quot; value=&quot;5&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;379&quot; y=&quot;440&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;24&quot; value=&quot;Fetch kubeconfig&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;369&quot; y=&quot;480&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-25&quot; value=&quot;Runtime CRD&amp;amp;nbsp;contains details of the cluster&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;370&quot; y=&quot;190&quot; width=&quot;120&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-26&quot; value=&quot;RuntimeKubeconfig&amp;amp;nbsp;CRD contains data needed to fetch kubeconfig. &amp;lt;b&amp;gt;&amp;amp;nbsp;&amp;lt;/b&amp;gt;&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;490&quot; y=&quot;610&quot; width=&quot;190&quot; height=&quot;100&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-32&quot; value=&quot;Kyma Control Plane&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;640&quot; y=&quot;160&quot; width=&quot;170&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-24&quot; value=&quot;RuntimeKubeconfig CR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;485&quot; y=&quot;490&quot; width=&quot;170&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-25&quot; value=&quot;Runtime CR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;340&quot; y=&quot;280&quot; width=&quot;180&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;      &lt;/root&gt;&#10;    &lt;/mxGraphModel&gt;&#10;  &lt;/diagram&gt;&#10;&lt;/mxfile&gt;&#10;"><defs/><g><g><rect x="131" y="0" width="690" height="720" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="740" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 741px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="780" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 720.5 235 L 720.5 224.5 L 739.5 240 L 720.5 255.5 L 720.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 785 435 L 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54 L 795 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CRD contains...</text></switch></g></g><g><path d="M 480 460 L 670 460 L 670 545 Q 622.5 518 575 545 Q 527.5 572 480 545 L 480 475 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 495px; margin-left: 481px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CRD contains data needed to fetch kubeconfig. <b> </b></div></div></div></foreignObject><text x="575" y="499" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CRD contains...</text></switch></g></g><g><rect x="630" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 631px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="715" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CR</text></switch></g></g></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg>
\ No newline at end of file
diff --git a/docs/adrs/provisioning.md b/docs/adrs/provisioning.md
index eae5230c..0a47c87f 100644
--- a/docs/adrs/provisioning.md
+++ b/docs/adrs/provisioning.md
@@ -6,6 +6,8 @@ This document defines architecture, and API for provisioning functionality.
 The following picture shows the proposed architecture:
 ![](./assets/keb-kim-target-arch.drawio.svg)
 
+> Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality in the Kyma Infrastructure Manager include renaming the CR to maintain consistency.
+
 The following assumptions were taken:
 - KEB is responsible for:
     - Creating `Runtime` CR containing the following data:

From 32e7b22b9f7afcaf1f83574bfa76c5c6c853e9c5 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 13:44:11 +0200
Subject: [PATCH 03/49] Update provisioning.md

---
 docs/adrs/provisioning.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/adrs/provisioning.md b/docs/adrs/provisioning.md
index 0a47c87f..fbbb7b73 100644
--- a/docs/adrs/provisioning.md
+++ b/docs/adrs/provisioning.md
@@ -6,7 +6,7 @@ This document defines architecture, and API for provisioning functionality.
 The following picture shows the proposed architecture:
 ![](./assets/keb-kim-target-arch.drawio.svg)
 
-> Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality in the Kyma Infrastructure Manager include renaming the CR to maintain consistency.
+> Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality in the Kyma Infrastructure Manager includes renaming the CR to maintain consistency.
 
 The following assumptions were taken:
 - KEB is responsible for:

From 6db8a66fee841be2acc4296826e6a19e77328499 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 14:02:09 +0200
Subject: [PATCH 04/49] Added labels to the examples

---
 docs/adrs/assets/runtime-examples/aws-freemium.yaml    | 10 ++++++++++
 docs/adrs/assets/runtime-examples/aws-minimal.yaml     | 10 ++++++++++
 docs/adrs/assets/runtime-examples/aws-trial.yaml       | 10 ++++++++++
 docs/adrs/assets/runtime-examples/aws.yaml             | 10 ++++++++++
 docs/adrs/assets/runtime-examples/azure-fremium.yaml   | 10 ++++++++++
 docs/adrs/assets/runtime-examples/azure-lite.yaml      | 10 ++++++++++
 docs/adrs/assets/runtime-examples/azure.yaml           | 10 ++++++++++
 docs/adrs/assets/runtime-examples/gcp.yaml             | 10 ++++++++++
 .../assets/runtime-examples/sap-converged-cloud.yaml   | 10 ++++++++++
 docs/adrs/provisioning.md                              |  6 +++---
 10 files changed, 93 insertions(+), 3 deletions(-)

diff --git a/docs/adrs/assets/runtime-examples/aws-freemium.yaml b/docs/adrs/assets/runtime-examples/aws-freemium.yaml
index c353b39c..1604a388 100644
--- a/docs/adrs/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adrs/assets/runtime-examples/aws-freemium.yaml
@@ -1,6 +1,16 @@
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
diff --git a/docs/adrs/assets/runtime-examples/aws-minimal.yaml b/docs/adrs/assets/runtime-examples/aws-minimal.yaml
index a148d4e1..5ff78c5a 100644
--- a/docs/adrs/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adrs/assets/runtime-examples/aws-minimal.yaml
@@ -1,6 +1,16 @@
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
diff --git a/docs/adrs/assets/runtime-examples/aws-trial.yaml b/docs/adrs/assets/runtime-examples/aws-trial.yaml
index 16115add..ca7c2d11 100644
--- a/docs/adrs/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adrs/assets/runtime-examples/aws-trial.yaml
@@ -1,6 +1,16 @@
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
diff --git a/docs/adrs/assets/runtime-examples/aws.yaml b/docs/adrs/assets/runtime-examples/aws.yaml
index 39207214..b3582a0b 100644
--- a/docs/adrs/assets/runtime-examples/aws.yaml
+++ b/docs/adrs/assets/runtime-examples/aws.yaml
@@ -1,6 +1,16 @@
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
diff --git a/docs/adrs/assets/runtime-examples/azure-fremium.yaml b/docs/adrs/assets/runtime-examples/azure-fremium.yaml
index 16115add..ca7c2d11 100644
--- a/docs/adrs/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adrs/assets/runtime-examples/azure-fremium.yaml
@@ -1,6 +1,16 @@
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
diff --git a/docs/adrs/assets/runtime-examples/azure-lite.yaml b/docs/adrs/assets/runtime-examples/azure-lite.yaml
index 91f6c2f2..b03679a3 100644
--- a/docs/adrs/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adrs/assets/runtime-examples/azure-lite.yaml
@@ -1,6 +1,16 @@
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
diff --git a/docs/adrs/assets/runtime-examples/azure.yaml b/docs/adrs/assets/runtime-examples/azure.yaml
index 67883bd8..7ca7e435 100644
--- a/docs/adrs/assets/runtime-examples/azure.yaml
+++ b/docs/adrs/assets/runtime-examples/azure.yaml
@@ -1,6 +1,16 @@
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
diff --git a/docs/adrs/assets/runtime-examples/gcp.yaml b/docs/adrs/assets/runtime-examples/gcp.yaml
index c1c6c3d8..b29c5080 100644
--- a/docs/adrs/assets/runtime-examples/gcp.yaml
+++ b/docs/adrs/assets/runtime-examples/gcp.yaml
@@ -1,6 +1,16 @@
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
diff --git a/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
index d8a37668..e02daf6d 100644
--- a/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
@@ -1,6 +1,16 @@
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
diff --git a/docs/adrs/provisioning.md b/docs/adrs/provisioning.md
index fbbb7b73..e6848d82 100644
--- a/docs/adrs/provisioning.md
+++ b/docs/adrs/provisioning.md
@@ -37,12 +37,10 @@ The following assumptions were taken:
 ## CR examples
 
 The example below shows the CR that should be created by the KEB to provision AWS production cluster:
-```ayaml
+```yaml
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
-  name: runtime-id
-  namespace: kcp-system
   labels:
     kyma-project.io/instance-id: instance-id
     kyma-project.io/runtime-id: runtime-id
@@ -53,6 +51,8 @@ metadata:
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
+  name: runtime-id
+  namespace: kcp-system
 spec:
   shoot:
     # spec.shoot.name is set by the KEB, required

From e9ac6882a5ffdb3b117701c839dbe9c56cc2ca0d Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 14:17:32 +0200
Subject: [PATCH 05/49] Added example with additional oidc provider, and
 ingress filtering

---
 docs/adrs/provisioning.md | 133 ++++++++++++++++++++++++++++++++++----
 1 file changed, 121 insertions(+), 12 deletions(-)

diff --git a/docs/adrs/provisioning.md b/docs/adrs/provisioning.md
index e6848d82..1564dee1 100644
--- a/docs/adrs/provisioning.md
+++ b/docs/adrs/provisioning.md
@@ -36,21 +36,26 @@ The following assumptions were taken:
 
 ## CR examples
 
+Please mind that the `Runtime` CR should contain the following labels:
+```yaml
+ kyma-project.io/instance-id: instance-id
+ kyma-project.io/runtime-id: runtime-id
+ kyma-project.io/broker-plan-id: plan-id
+ kyma-project.io/broker-plan-name: plan-name
+ kyma-project.io/global-account-id: global-account-id
+ kyma-project.io/subaccount-id: subAccount-id
+ kyma-project.io/shoot-name: shoot-name
+ kyma-project.io/region: region
+ operator.kyma-project.io/kyma-name: kymaName
+```
+
+The labels are skipped in the following examples due to clarity.
+
 The example below shows the CR that should be created by the KEB to provision AWS production cluster:
 ```yaml
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
-  labels:
-    kyma-project.io/instance-id: instance-id
-    kyma-project.io/runtime-id: runtime-id
-    kyma-project.io/broker-plan-id: plan-id
-    kyma-project.io/broker-plan-name: plan-name
-    kyma-project.io/global-account-id: global-account-id
-    kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
-    kyma-project.io/region: region
-    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
@@ -104,26 +109,130 @@ spec:
         # It can be optional in the future, as it is always set to 0
         maxUnavailable:  0
   security:
+    networking:
+      filter:
+        # spec.security.networking is provided by the KEB, required
+        egress:
+          enabled: false
     # spec.security.administrators is provided by the KEB, required
     administrators:
       - admin@myorg.com
 ```
 
-There are some additional optional fields (please see [this example](assets/runtime-examples/aws.yaml) that could be specified:
+There are some additional optional fields  that could be specified:
 - `spec.shoot.kubernetes.version` ; if not provided default value will be read by KIM from configuration
 - `spec.shoot.workers.machine.image` ; if not provided default value will be read by KIM from configuration
 - `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no addition OIDC provider will be configured
 - `spec.shoot.workers.name` ; if not provided, some hardcoded name will be used
 - `spec.security.networking.filtering.ingress.enabled` ; if not provided `false` value will be used
 
+The following example shows what `Runtime` CR should be created to provision a cluster with additional OIDC provider, and ingress network filtering enabled:
+```yaml
+apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+kind: Runtime
+metadata:
+  name: runtime-id
+  namespace: kcp-system
+spec:
+  shoot:
+    # spec.shoot.name is set by the KEB, required
+    name: shoot-name
+    # spec.shoot.purpose is set by the KEB, required
+    purpose: production
+    # Will be modified by the SRE
+    kubernetes:
+      # spec.shoot.kubernetes.version is optional, when not provided default will be used
+      version: "1.28.7"
+      kubeAPIServer:
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        oidcConfig:
+          clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+          groupsClaim: groups
+          issuerURL: https://my.cool.tokens.com
+          signingAlgs:
+          - RS256
+          usernameClaim: sub
+        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+        additionalOidcConfig:
+          - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+            groupsClaim: groups
+            issuerURL: https://some.others.tokens.com
+            signingAlgs:
+              - RS256
+            usernameClaim: sub
+            usernamePrefix: 'someother'
+    ## spec.shoot.provider is provided by the KEB, required
+    provider:
+      type: aws
+      region: eu-central-1
+      # We must consider whether it makes sense to move HAP into KIM
+      secretBindingName: "hypersaler secret"
+    # spec.shoot.Networking is Provided by the KEB, required
+    networking:
+      pods: 100.64.0.0/12
+      nodes: 10.250.0.0/16
+      services: 100.104.0.0/13
+    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    controlPlane:
+      highAvailability:
+        failureTolerance:
+          type: node
+    workers:
+      - machine:
+          # spec.shoot.workers.machine.type provided by the KEB, required
+          type: m6i.large
+          # spec.shoot.workers.machine.image is optional, when not provider default will be used
+          # Will be modified by the SRE
+          image:
+            name: gardenlinux
+            version: 1312.3.0
+        # spec.shoot.workers.volume is provided by the KEB, required for the first release
+        # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+        volume:
+          type: gp2
+          size: 50Gi
+        # spec.shoot.workers.zones is provided by the KEB, required
+        zones:
+          - eu-central-1a
+          - eu-central-1b
+          - eu-central-1c
+        # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+        name: cpu-worker-0
+        # spec.shoot.workers.minimum is provided by the KEB, required
+        minimum: 3
+        # spec.shoot.workers.maximum is provided by the KEB, required
+        maximum: 20
+        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it equals to zone count
+        maxSurge: 3
+        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # It can be optional in the future, as it is always set to 0
+        maxUnavailable:  0
+  security:
+    networking:
+      filter:
+        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        egress:
+          enabled: false
+        # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+        ingress:
+          enabled: true
+    # spec.security.administrators is provided by the KEB, required
+    administrators:
+      - admin@myorg.com
+```
+
+The following example 
+
 Please, see the following examples to understand what CRs need to be created for particular KEB plans:
-- [AWS trial plan](assets/runtime-examples/aws-trial.yaml))
+- [AWS trial plan](assets/runtime-examples/aws-trial.yaml)
 - [Azure](assets/runtime-examples/azure.yaml)
 - [Azure lite](assets/runtime-examples/azure-lite.yaml)
 - [GCP](assets/runtime-examples/gcp.yaml)
 - [SAP Converge Cloud](assets/runtime-examples/sap-converged-cloud.yaml)
 
 ## API structures
+
 ```go
 package v2
 

From 8ae664e4a4a6a7264baeae39165f71f78d14f84d Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 14:19:30 +0200
Subject: [PATCH 06/49] Minor updates

---
 docs/adrs/provisioning.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/docs/adrs/provisioning.md b/docs/adrs/provisioning.md
index 1564dee1..b5c123c1 100644
--- a/docs/adrs/provisioning.md
+++ b/docs/adrs/provisioning.md
@@ -221,8 +221,7 @@ spec:
     administrators:
       - admin@myorg.com
 ```
-
-The following example 
+> Note: please mind that the additional OIDC providers, and ingress network filtering will not be implemented in teh first release.
 
 Please, see the following examples to understand what CRs need to be created for particular KEB plans:
 - [AWS trial plan](assets/runtime-examples/aws-trial.yaml)

From 1e975a7ac0dd88176a1c2d08e03b4aeeb667c133 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 14:21:56 +0200
Subject: [PATCH 07/49] Minor diagram update

---
 docs/adrs/assets/keb-kim-target-arch.drawio.svg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/adrs/assets/keb-kim-target-arch.drawio.svg b/docs/adrs/assets/keb-kim-target-arch.drawio.svg
index 2dfd2206..439cb4ba 100644
--- a/docs/adrs/assets/keb-kim-target-arch.drawio.svg
+++ b/docs/adrs/assets/keb-kim-target-arch.drawio.svg
@@ -1,4 +1,4 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!-- Do not edit this file with editors other than draw.io -->
 <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="822px" height="721px" viewBox="-0.5 -0.5 822 721" content="&lt;mxfile host=&quot;app.diagrams.net&quot; modified=&quot;2024-05-08T11:28:51.402Z&quot; agent=&quot;Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36&quot; etag=&quot;0IuS16Wp7--JE4fZthXc&quot; scale=&quot;1&quot; border=&quot;0&quot; version=&quot;24.3.1&quot; type=&quot;device&quot;&gt;&#10;  &lt;diagram name=&quot;Page-1&quot; id=&quot;0ahoYHhgpX2lhLgWHN-l&quot;&gt;&#10;    &lt;mxGraphModel dx=&quot;577&quot; dy=&quot;1271&quot; grid=&quot;1&quot; gridSize=&quot;10&quot; guides=&quot;1&quot; tooltips=&quot;1&quot; connect=&quot;1&quot; arrows=&quot;1&quot; fold=&quot;1&quot; page=&quot;1&quot; pageScale=&quot;1&quot; pageWidth=&quot;850&quot; pageHeight=&quot;1100&quot; math=&quot;0&quot; shadow=&quot;0&quot;&gt;&#10;      &lt;root&gt;&#10;        &lt;mxCell id=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;1&quot; parent=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot; value=&quot;&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;dashed=1&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;141&quot; y=&quot;150&quot; width=&quot;690&quot; height=&quot;720&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;2&quot; value=&quot;Kyma Environment Broker&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;170&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;3&quot; value=&quot;BTP&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;10&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;4&quot; value=&quot;Kyma Infrastructure Manager&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;510&quot; y=&quot;360&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;5&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;3&quot; target=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;130&quot; y=&quot;460&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;180&quot; y=&quot;410&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;320&quot; y=&quot;290&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;340&quot; y=&quot;310&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;8&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; target=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;520&quot; y=&quot;310&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;670&quot; y=&quot;240&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;582&quot; y=&quot;310&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;9&quot; value=&quot;Gardener&quot; style=&quot;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;750&quot; y=&quot;350&quot; width=&quot;80&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;10&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;660&quot; y=&quot;380&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;710&quot; y=&quot;330&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;12&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;700&quot; y=&quot;570&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;570&quot; y=&quot;490&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;13&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;290&quot; y=&quot;380&quot; width=&quot;90&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;14&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;600&quot; y=&quot;460&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;15&quot; value=&quot;1&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;310&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;16&quot; value=&quot;2&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;590&quot; y=&quot;290&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;17&quot; value=&quot;3&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;660&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;18&quot; value=&quot;Start provisioning&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;540&quot; y=&quot;260&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;19&quot; value=&quot;Create shoot CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;620&quot; y=&quot;310&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;20&quot; style=&quot;edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;&quot; parent=&quot;1&quot; source=&quot;17&quot; target=&quot;17&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry relative=&quot;1&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;21&quot; value=&quot;4&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;610&quot; y=&quot;427&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;22&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;420&quot; y=&quot;530&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;470&quot; y=&quot;480&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;390&quot; /&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;590&quot; /&gt;&#10;              &lt;mxPoint x=&quot;800&quot; y=&quot;590&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;23&quot; value=&quot;5&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;379&quot; y=&quot;440&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;24&quot; value=&quot;Fetch kubeconfig&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;369&quot; y=&quot;480&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-25&quot; value=&quot;Runtime CRD&amp;amp;nbsp;contains details of the cluster&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;370&quot; y=&quot;190&quot; width=&quot;120&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-26&quot; value=&quot;RuntimeKubeconfig&amp;amp;nbsp;CRD contains data needed to fetch kubeconfig. &amp;lt;b&amp;gt;&amp;amp;nbsp;&amp;lt;/b&amp;gt;&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;490&quot; y=&quot;610&quot; width=&quot;190&quot; height=&quot;100&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-32&quot; value=&quot;Kyma Control Plane&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;640&quot; y=&quot;160&quot; width=&quot;170&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-24&quot; value=&quot;RuntimeKubeconfig CR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;485&quot; y=&quot;490&quot; width=&quot;170&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-25&quot; value=&quot;Runtime CR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;340&quot; y=&quot;280&quot; width=&quot;180&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;      &lt;/root&gt;&#10;    &lt;/mxGraphModel&gt;&#10;  &lt;/diagram&gt;&#10;&lt;/mxfile&gt;&#10;"><defs/><g><g><rect x="131" y="0" width="690" height="720" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="740" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 741px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="780" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 720.5 235 L 720.5 224.5 L 739.5 240 L 720.5 255.5 L 720.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 785 435 L 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54 L 795 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CRD contains...</text></switch></g></g><g><path d="M 480 460 L 670 460 L 670 545 Q 622.5 518 575 545 Q 527.5 572 480 545 L 480 475 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 495px; margin-left: 481px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CRD contains data needed to fetch kubeconfig. <b> </b></div></div></div></foreignObject><text x="575" y="499" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CRD contains...</text></switch></g></g><g><rect x="630" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 631px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="715" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CR</text></switch></g></g></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="822px" height="591px" viewBox="-0.5 -0.5 822 591" content="&lt;mxfile host=&quot;app.diagrams.net&quot; modified=&quot;2024-05-08T12:21:32.566Z&quot; agent=&quot;Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36&quot; etag=&quot;9fDpxlZcrvNXN_X_p45L&quot; scale=&quot;1&quot; border=&quot;0&quot; version=&quot;24.3.1&quot; type=&quot;device&quot;&gt;&#10;  &lt;diagram name=&quot;Page-1&quot; id=&quot;0ahoYHhgpX2lhLgWHN-l&quot;&gt;&#10;    &lt;mxGraphModel dx=&quot;577&quot; dy=&quot;1271&quot; grid=&quot;1&quot; gridSize=&quot;10&quot; guides=&quot;1&quot; tooltips=&quot;1&quot; connect=&quot;1&quot; arrows=&quot;1&quot; fold=&quot;1&quot; page=&quot;1&quot; pageScale=&quot;1&quot; pageWidth=&quot;850&quot; pageHeight=&quot;1100&quot; math=&quot;0&quot; shadow=&quot;0&quot;&gt;&#10;      &lt;root&gt;&#10;        &lt;mxCell id=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;1&quot; parent=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot; value=&quot;&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;dashed=1&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;141&quot; y=&quot;150&quot; width=&quot;690&quot; height=&quot;580&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;2&quot; value=&quot;Kyma Environment Broker&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;170&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;3&quot; value=&quot;BTP&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;10&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;4&quot; value=&quot;Kyma Infrastructure Manager&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;510&quot; y=&quot;360&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;5&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;3&quot; target=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;130&quot; y=&quot;460&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;180&quot; y=&quot;410&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;320&quot; y=&quot;290&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;340&quot; y=&quot;310&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;8&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; target=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;520&quot; y=&quot;310&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;670&quot; y=&quot;240&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;582&quot; y=&quot;310&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;9&quot; value=&quot;Gardener&quot; style=&quot;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;750&quot; y=&quot;350&quot; width=&quot;80&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;10&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;660&quot; y=&quot;380&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;710&quot; y=&quot;330&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;12&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;700&quot; y=&quot;570&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;570&quot; y=&quot;490&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;13&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;290&quot; y=&quot;380&quot; width=&quot;90&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;14&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;600&quot; y=&quot;460&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;15&quot; value=&quot;1&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;310&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;16&quot; value=&quot;2&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;590&quot; y=&quot;290&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;17&quot; value=&quot;3&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;660&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;18&quot; value=&quot;Start provisioning&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;540&quot; y=&quot;260&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;19&quot; value=&quot;Create shoot CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;620&quot; y=&quot;310&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;20&quot; style=&quot;edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;&quot; parent=&quot;1&quot; source=&quot;17&quot; target=&quot;17&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry relative=&quot;1&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;21&quot; value=&quot;4&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;610&quot; y=&quot;427&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;22&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;420&quot; y=&quot;530&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;470&quot; y=&quot;480&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;390&quot; /&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;590&quot; /&gt;&#10;              &lt;mxPoint x=&quot;800&quot; y=&quot;590&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;23&quot; value=&quot;5&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;379&quot; y=&quot;440&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;24&quot; value=&quot;Fetch kubeconfig&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;369&quot; y=&quot;480&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-25&quot; value=&quot;Runtime CRD&amp;amp;nbsp;contains details of the cluster&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;370&quot; y=&quot;190&quot; width=&quot;120&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-26&quot; value=&quot;RuntimeKubeconfig&amp;amp;nbsp;CRD contains data needed to fetch kubeconfig. &amp;lt;b&amp;gt;&amp;amp;nbsp;&amp;lt;/b&amp;gt;&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;490&quot; y=&quot;610&quot; width=&quot;190&quot; height=&quot;100&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-32&quot; value=&quot;Kyma Control Plane&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;640&quot; y=&quot;160&quot; width=&quot;170&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-24&quot; value=&quot;RuntimeKubeconfig CR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;485&quot; y=&quot;490&quot; width=&quot;170&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-25&quot; value=&quot;Runtime CR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;340&quot; y=&quot;280&quot; width=&quot;180&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;mGOWFElGAteea3bxPiqX-24&quot; style=&quot;edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;&quot; edge=&quot;1&quot; parent=&quot;1&quot; source=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot; target=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot;&gt;&#10;          &lt;mxGeometry relative=&quot;1&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;      &lt;/root&gt;&#10;    &lt;/mxGraphModel&gt;&#10;  &lt;/diagram&gt;&#10;&lt;/mxfile&gt;&#10;"><defs/><g><g><rect x="131" y="0" width="690" height="580" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="740" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 741px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="780" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 720.5 235 L 720.5 224.5 L 739.5 240 L 720.5 255.5 L 720.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 785 435 L 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54 L 795 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CRD contains...</text></switch></g></g><g><path d="M 480 460 L 670 460 L 670 545 Q 622.5 518 575 545 Q 527.5 572 480 545 L 480 475 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 495px; margin-left: 481px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CRD contains data needed to fetch kubeconfig. <b> </b></div></div></div></foreignObject><text x="575" y="499" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CRD contains...</text></switch></g></g><g><rect x="630" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 631px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="715" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CR</text></switch></g></g><g/></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg>
\ No newline at end of file

From 3ec8899f8e43eb854a9254f9c0ce0aa3dbfdcccb Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:14:25 +0200
Subject: [PATCH 08/49] Examples updated

---
 docs/adrs/assets/runtime-examples/aws-freemium.yaml   | 11 ++++++++++-
 docs/adrs/assets/runtime-examples/aws-minimal.yaml    |  2 +-
 docs/adrs/assets/runtime-examples/aws-trial.yaml      |  5 +++++
 docs/adrs/assets/runtime-examples/aws.yaml            |  5 ++---
 docs/adrs/assets/runtime-examples/azure-fremium.yaml  |  5 +++++
 docs/adrs/assets/runtime-examples/azure-lite.yaml     |  4 ++++
 docs/adrs/assets/runtime-examples/azure.yaml          |  4 ++--
 docs/adrs/assets/runtime-examples/gcp.yaml            |  2 +-
 .../assets/runtime-examples/sap-converged-cloud.yaml  |  4 ++--
 9 files changed, 32 insertions(+), 10 deletions(-)

diff --git a/docs/adrs/assets/runtime-examples/aws-freemium.yaml b/docs/adrs/assets/runtime-examples/aws-freemium.yaml
index 1604a388..1ad50aa0 100644
--- a/docs/adrs/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adrs/assets/runtime-examples/aws-freemium.yaml
@@ -18,7 +18,7 @@ spec:
     # Set by KEB, required
     name: shoot-name
     # Set by KEB, required
-    purpose: trial
+    purpose: evaluation
     kubernetes:
       kubeAPIServer:
         ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
@@ -37,6 +37,15 @@ spec:
       # Provided by the KEB, required.
       # We must consider whether it makes sense to move HAP into KIM
       secretBindingName: "hypersaler secret"
+    networking:
+      pods: 100.64.0.0/12
+      nodes: 10.250.0.0/16
+      services: 100.104.0.0/13
+    # spec.shoot.controlPlane is provided by the KEB, required
+    controlPlane:
+      highAvailability:
+        failureTolerance:
+          type: zone
     workers:
       - machine:
           # Set by KEB, required
diff --git a/docs/adrs/assets/runtime-examples/aws-minimal.yaml b/docs/adrs/assets/runtime-examples/aws-minimal.yaml
index 5ff78c5a..90d1f71b 100644
--- a/docs/adrs/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adrs/assets/runtime-examples/aws-minimal.yaml
@@ -39,7 +39,7 @@ spec:
       pods: 100.64.0.0/12
       nodes: 10.250.0.0/16
       services: 100.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    # spec.shoot.controlPlane is provided by the KEB, required
     controlPlane:
       highAvailability:
         failureTolerance:
diff --git a/docs/adrs/assets/runtime-examples/aws-trial.yaml b/docs/adrs/assets/runtime-examples/aws-trial.yaml
index ca7c2d11..1b28520a 100644
--- a/docs/adrs/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adrs/assets/runtime-examples/aws-trial.yaml
@@ -39,6 +39,11 @@ spec:
       pods: 10.96.0.0/13
       nodes: 10.250.0.0/22
       services: 10.104.0.0/13
+    # spec.shoot.controlPlane is provided by the KEB, required
+    controlPlane:
+      highAvailability:
+        failureTolerance:
+          type: zone
     workers:
       - machine:
           # spec.shoot.workers.machine.type provided by the KEB, required
diff --git a/docs/adrs/assets/runtime-examples/aws.yaml b/docs/adrs/assets/runtime-examples/aws.yaml
index b3582a0b..a3f1b6dd 100644
--- a/docs/adrs/assets/runtime-examples/aws.yaml
+++ b/docs/adrs/assets/runtime-examples/aws.yaml
@@ -45,18 +45,17 @@ spec:
     provider:
       type: aws
       region: eu-central-1
-      # We must consider whether it makes sense to move HAP into KIM
       secretBindingName: "hypersaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:
       pods: 100.64.0.0/12
       nodes: 10.250.0.0/16
       services: 100.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    # spec.shoot.controlPlane is provided by the KEB, required
     controlPlane:
       highAvailability:
         failureTolerance:
-          type: node
+          type: zone
     workers:
       - machine:
           # spec.shoot.workers.machine.type provided by the KEB, required
diff --git a/docs/adrs/assets/runtime-examples/azure-fremium.yaml b/docs/adrs/assets/runtime-examples/azure-fremium.yaml
index ca7c2d11..0a953844 100644
--- a/docs/adrs/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adrs/assets/runtime-examples/azure-fremium.yaml
@@ -39,6 +39,11 @@ spec:
       pods: 10.96.0.0/13
       nodes: 10.250.0.0/22
       services: 10.104.0.0/13
+    # spec.shoot.controlPlane is provided by the KEB, required
+    controlPlane:
+      highAvailability:
+        failureTolerance:
+          type: node
     workers:
       - machine:
           # spec.shoot.workers.machine.type provided by the KEB, required
diff --git a/docs/adrs/assets/runtime-examples/azure-lite.yaml b/docs/adrs/assets/runtime-examples/azure-lite.yaml
index b03679a3..c9ffe6d3 100644
--- a/docs/adrs/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adrs/assets/runtime-examples/azure-lite.yaml
@@ -41,6 +41,10 @@ spec:
       nodes: 10.250.0.0/22
       services: 10.104.0.0/13
     # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    controlPlane:
+      highAvailability:
+        failureTolerance:
+          type: node
     workers:
       - machine:
           # spec.shoot.workers.machine.type provided by the KEB, required
diff --git a/docs/adrs/assets/runtime-examples/azure.yaml b/docs/adrs/assets/runtime-examples/azure.yaml
index 7ca7e435..d5c7d92c 100644
--- a/docs/adrs/assets/runtime-examples/azure.yaml
+++ b/docs/adrs/assets/runtime-examples/azure.yaml
@@ -51,11 +51,11 @@ spec:
       pods: 10.96.0.0/13
       nodes: 10.250.0.0/22
       services: 10.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    # spec.shoot.controlPlane is provided by the KEB, required
     controlPlane:
       highAvailability:
         failureTolerance:
-          type: node
+          type: zone
     workers:
       - machine:
           # spec.shoot.workers.machine.type provided by the KEB, required
diff --git a/docs/adrs/assets/runtime-examples/gcp.yaml b/docs/adrs/assets/runtime-examples/gcp.yaml
index b29c5080..103cc665 100644
--- a/docs/adrs/assets/runtime-examples/gcp.yaml
+++ b/docs/adrs/assets/runtime-examples/gcp.yaml
@@ -55,7 +55,7 @@ spec:
     controlPlane:
       highAvailability:
         failureTolerance:
-          type: node
+          type: zone
     workers:
       - machine:
           # spec.shoot.workers.machine.type provided by the KEB, required
diff --git a/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
index e02daf6d..9716fe2c 100644
--- a/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
@@ -51,11 +51,11 @@ spec:
       pods: 10.96.0.0/13
       nodes: 10.250.0.0/22
       services: 10.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    # spec.shoot.controlPlane is provided by the KEB, required
     controlPlane:
       highAvailability:
         failureTolerance:
-          type: node
+          type: zone
     workers:
       - machine:
           # spec.shoot.workers.machine.type provided by the KEB, required

From a317f5edb05a9a6afaede4f35e7ef939e9182880 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:15:55 +0200
Subject: [PATCH 09/49] Folder name changed

---
 docs/{adrs => adr}/assets/keb-kim-target-arch.drawio.svg          | 0
 docs/{adrs => adr}/assets/runtime-examples/aws-freemium.yaml      | 0
 docs/{adrs => adr}/assets/runtime-examples/aws-minimal.yaml       | 0
 docs/{adrs => adr}/assets/runtime-examples/aws-trial.yaml         | 0
 docs/{adrs => adr}/assets/runtime-examples/aws.yaml               | 0
 docs/{adrs => adr}/assets/runtime-examples/azure-fremium.yaml     | 0
 docs/{adrs => adr}/assets/runtime-examples/azure-lite.yaml        | 0
 docs/{adrs => adr}/assets/runtime-examples/azure.yaml             | 0
 docs/{adrs => adr}/assets/runtime-examples/gcp.yaml               | 0
 .../assets/runtime-examples/sap-converged-cloud.yaml              | 0
 docs/{adrs => adr}/provisioning.md                                | 0
 11 files changed, 0 insertions(+), 0 deletions(-)
 rename docs/{adrs => adr}/assets/keb-kim-target-arch.drawio.svg (100%)
 rename docs/{adrs => adr}/assets/runtime-examples/aws-freemium.yaml (100%)
 rename docs/{adrs => adr}/assets/runtime-examples/aws-minimal.yaml (100%)
 rename docs/{adrs => adr}/assets/runtime-examples/aws-trial.yaml (100%)
 rename docs/{adrs => adr}/assets/runtime-examples/aws.yaml (100%)
 rename docs/{adrs => adr}/assets/runtime-examples/azure-fremium.yaml (100%)
 rename docs/{adrs => adr}/assets/runtime-examples/azure-lite.yaml (100%)
 rename docs/{adrs => adr}/assets/runtime-examples/azure.yaml (100%)
 rename docs/{adrs => adr}/assets/runtime-examples/gcp.yaml (100%)
 rename docs/{adrs => adr}/assets/runtime-examples/sap-converged-cloud.yaml (100%)
 rename docs/{adrs => adr}/provisioning.md (100%)

diff --git a/docs/adrs/assets/keb-kim-target-arch.drawio.svg b/docs/adr/assets/keb-kim-target-arch.drawio.svg
similarity index 100%
rename from docs/adrs/assets/keb-kim-target-arch.drawio.svg
rename to docs/adr/assets/keb-kim-target-arch.drawio.svg
diff --git a/docs/adrs/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/aws-freemium.yaml
rename to docs/adr/assets/runtime-examples/aws-freemium.yaml
diff --git a/docs/adrs/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/aws-minimal.yaml
rename to docs/adr/assets/runtime-examples/aws-minimal.yaml
diff --git a/docs/adrs/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/aws-trial.yaml
rename to docs/adr/assets/runtime-examples/aws-trial.yaml
diff --git a/docs/adrs/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/aws.yaml
rename to docs/adr/assets/runtime-examples/aws.yaml
diff --git a/docs/adrs/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/azure-fremium.yaml
rename to docs/adr/assets/runtime-examples/azure-fremium.yaml
diff --git a/docs/adrs/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/azure-lite.yaml
rename to docs/adr/assets/runtime-examples/azure-lite.yaml
diff --git a/docs/adrs/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/azure.yaml
rename to docs/adr/assets/runtime-examples/azure.yaml
diff --git a/docs/adrs/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/gcp.yaml
rename to docs/adr/assets/runtime-examples/gcp.yaml
diff --git a/docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
similarity index 100%
rename from docs/adrs/assets/runtime-examples/sap-converged-cloud.yaml
rename to docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
diff --git a/docs/adrs/provisioning.md b/docs/adr/provisioning.md
similarity index 100%
rename from docs/adrs/provisioning.md
rename to docs/adr/provisioning.md

From 68b441c9c0142c2a578124067c174a6e5fabefc5 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:26:24 +0200
Subject: [PATCH 10/49] Minor fixes

---
 docs/adr/provisioning.md | 38 +++++++++++++++++++-------------------
 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index b5c123c1..a53e12fd 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -1,36 +1,36 @@
 # Introduction
-This document defines architecture, and API for provisioning functionality.
+This document defines architecture, and API for the provisioning functionality.
 
 # Target architecture
 
-The following picture shows the proposed architecture:
+The following picture shows the agreed architecture:
 ![](./assets/keb-kim-target-arch.drawio.svg)
 
 > Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality in the Kyma Infrastructure Manager includes renaming the CR to maintain consistency.
 
 The following assumptions were taken:
-- KEB is responsible for:
+- KEB has the following responsibilities:
     - Creating `Runtime` CR containing the following data:
-      - provider config (type, region, and secret with credentials for hyperscaler)
-      - worker pool specification
-      - cluster networking settings (nodes, pods, and services API ranges)
+      - Provider config (type, region, and secret with credentials for hyperscaler)
+      - Worker pool specification
+      - Cluster networking settings (nodes, pods, and services API ranges)
       - OIDC settings
-      - cluster administrators list
+      - Cluster administrators list
       - Egress network filter settings
       - Control Plane failure tolerance
-    - Observing status of the CR to determine whether provisioning succeeded
-- Kyma Infrastructure Manager is responsible for:
-    - creating shoots based on:
-      - corresponding `Runtime` CR properties
-      - predefined defaults for the optional properties:
+    - observing status of the CR to determine whether provisioning succeeded
+- Kyma Infrastructure Manager has the following responsibilities:
+    - Creating shoots based on:
+      - Corresponding `Runtime` CR properties
+      - Predefined defaults for the optional properties:
         - Kubernetes version
         - Machine image version
-      - predefined configuration for the following extensions:
+      - Predefined configuration for the following extensions:
         - DNS 
         - Certificates
-    - upgrading, and deleting shoots for corresponding `Runtime` CRs
-    - applying audit log configuration on the shoot resource
-    - generating kubeconfig
+    - Upgrading, and deleting shoots for corresponding `Runtime` CRs
+    - Applying audit log configuration on the shoot resource
+    - Generating kubeconfig
 
 # API proposal
 
@@ -119,9 +119,9 @@ spec:
       - admin@myorg.com
 ```
 
-There are some additional optional fields  that could be specified:
-- `spec.shoot.kubernetes.version` ; if not provided default value will be read by KIM from configuration
-- `spec.shoot.workers.machine.image` ; if not provided default value will be read by KIM from configuration
+There are some additional optional fields that could be specified:
+- `spec.shoot.kubernetes.version` ; if not provided default value will be read by the KIM from configuration
+- `spec.shoot.workers.machine.image` ; if not provided default value will be read by the KIM from configuration
 - `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no addition OIDC provider will be configured
 - `spec.shoot.workers.name` ; if not provided, some hardcoded name will be used
 - `spec.security.networking.filtering.ingress.enabled` ; if not provided `false` value will be used

From 033249b042969824482511224ee6c1938c28c061 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:28:34 +0200
Subject: [PATCH 11/49] Minor fix

---
 docs/adr/assets/runtime-examples/aws-freemium.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index 1ad50aa0..ef024091 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -15,9 +15,9 @@ metadata:
   namespace: kcp-system
 spec:
   shoot:
-    # Set by KEB, required
+    # Set by the KEB, required
     name: shoot-name
-    # Set by KEB, required
+    # Set by the KEB, required
     purpose: evaluation
     kubernetes:
       kubeAPIServer:
@@ -48,7 +48,7 @@ spec:
           type: zone
     workers:
       - machine:
-          # Set by KEB, required
+          # Set by the KEB, required
           type: m5.xlarge
           # Optional, when not provider default will be used
           # Will be modified by the SRE

From 754b5d45a4a0fa289043034ce39ddd6f0ca328d5 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:32:57 +0200
Subject: [PATCH 12/49] Update provisioning.md

---
 docs/adr/provisioning.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index a53e12fd..424282e9 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -17,7 +17,7 @@ The following assumptions were taken:
       - OIDC settings
       - Cluster administrators list
       - Egress network filter settings
-      - Control Plane failure tolerance
+      - Control Plane failure tolerance config
     - observing status of the CR to determine whether provisioning succeeded
 - Kyma Infrastructure Manager has the following responsibilities:
     - Creating shoots based on:

From d56059a8cf282127ca3c3e5aaf1289ce9cca0780 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:33:21 +0200
Subject: [PATCH 13/49] Update provisioning.md

---
 docs/adr/provisioning.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index 424282e9..7e27f70e 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -18,7 +18,7 @@ The following assumptions were taken:
       - Cluster administrators list
       - Egress network filter settings
       - Control Plane failure tolerance config
-    - observing status of the CR to determine whether provisioning succeeded
+    - Observing status of the CR to determine whether provisioning succeeded
 - Kyma Infrastructure Manager has the following responsibilities:
     - Creating shoots based on:
       - Corresponding `Runtime` CR properties

From 93ca88777706ffc3d77d2efc0104f13cd032590b Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:39:19 +0200
Subject: [PATCH 14/49] Minor fix

---
 docs/adr/assets/runtime-examples/aws-freemium.yaml        | 2 +-
 docs/adr/assets/runtime-examples/aws-minimal.yaml         | 2 +-
 docs/adr/assets/runtime-examples/aws-trial.yaml           | 2 +-
 docs/adr/assets/runtime-examples/aws.yaml                 | 2 +-
 docs/adr/assets/runtime-examples/azure-fremium.yaml       | 2 +-
 docs/adr/assets/runtime-examples/azure-lite.yaml          | 2 +-
 docs/adr/assets/runtime-examples/azure.yaml               | 2 +-
 docs/adr/assets/runtime-examples/gcp.yaml                 | 2 +-
 docs/adr/assets/runtime-examples/sap-converged-cloud.yaml | 2 +-
 docs/adr/provisioning.md                                  | 4 ++--
 10 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index ef024091..874a0203 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -36,7 +36,7 @@ spec:
       region: eu-central-1
       # Provided by the KEB, required.
       # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hypersaler secret"
+      secretBindingName: "hyperscaler secret"
     networking:
       pods: 100.64.0.0/12
       nodes: 10.250.0.0/16
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index 90d1f71b..7b6a76fb 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -33,7 +33,7 @@ spec:
       type: aws
       region: eu-central-1
       # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hypersaler secret"
+      secretBindingName: "hyperscaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:
       pods: 100.64.0.0/12
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index 1b28520a..f5397bba 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -33,7 +33,7 @@ spec:
       type: aws
       region: eu-central-1
       # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hypersaler secret"
+      secretBindingName: "hyperscaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index a3f1b6dd..5f06a280 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -45,7 +45,7 @@ spec:
     provider:
       type: aws
       region: eu-central-1
-      secretBindingName: "hypersaler secret"
+      secretBindingName: "hyperscaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:
       pods: 100.64.0.0/12
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index 0a953844..ef8d8867 100644
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -33,7 +33,7 @@ spec:
       type: aws
       region: eu-central-1
       # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hypersaler secret"
+      secretBindingName: "hyperscaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index c9ffe6d3..64886014 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -34,7 +34,7 @@ spec:
       type: aws
       region: eastus
       # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hypersaler secret"
+      secretBindingName: "hyperscaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index d5c7d92c..b910b7fe 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -45,7 +45,7 @@ spec:
       type: aws
       region: eastus
       # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hypersaler secret"
+      secretBindingName: "hyperscaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 103cc665..04a5d329 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -45,7 +45,7 @@ spec:
       type: aws
       region: europe-west3
       # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hypersaler secret"
+      secretBindingName: "hyperscaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index 9716fe2c..51915f39 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -45,7 +45,7 @@ spec:
       type: openstack
       region: eu-de-1
       # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hypersaler secret"
+      secretBindingName: "hyperscaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index 7e27f70e..72c8cbfc 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -78,7 +78,7 @@ spec:
       type: aws
       region: eu-central-1
       # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hypersaler secret"
+      secretBindingName: "hyperscaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:
       pods: 100.64.0.0/12
@@ -166,7 +166,7 @@ spec:
       type: aws
       region: eu-central-1
       # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hypersaler secret"
+      secretBindingName: "hyperscaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:
       pods: 100.64.0.0/12

From 7b689567e8a9e7da757d41e0048bcdb424a01875 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:42:25 +0200
Subject: [PATCH 15/49] Update provisioning.md

---
 docs/adr/provisioning.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index 72c8cbfc..cb5b3dbe 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -44,7 +44,6 @@ Please mind that the `Runtime` CR should contain the following labels:
  kyma-project.io/broker-plan-name: plan-name
  kyma-project.io/global-account-id: global-account-id
  kyma-project.io/subaccount-id: subAccount-id
- kyma-project.io/shoot-name: shoot-name
  kyma-project.io/region: region
  operator.kyma-project.io/kyma-name: kymaName
 ```

From adf002904fdbae2717cdc7e5bcc5c69baa88a8ed Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:44:29 +0200
Subject: [PATCH 16/49] shoot-name label removed

---
 docs/adr/assets/runtime-examples/aws-freemium.yaml        | 1 -
 docs/adr/assets/runtime-examples/aws-minimal.yaml         | 1 -
 docs/adr/assets/runtime-examples/aws-trial.yaml           | 1 -
 docs/adr/assets/runtime-examples/aws.yaml                 | 1 -
 docs/adr/assets/runtime-examples/azure-fremium.yaml       | 1 -
 docs/adr/assets/runtime-examples/azure-lite.yaml          | 1 -
 docs/adr/assets/runtime-examples/azure.yaml               | 1 -
 docs/adr/assets/runtime-examples/gcp.yaml                 | 1 -
 docs/adr/assets/runtime-examples/sap-converged-cloud.yaml | 1 -
 9 files changed, 9 deletions(-)

diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index 874a0203..a5b90c0f 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -8,7 +8,6 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index 7b6a76fb..ff7e626f 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -8,7 +8,6 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index f5397bba..a222bfb9 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -8,7 +8,6 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index 5f06a280..8124ef2e 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -8,7 +8,6 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index ef8d8867..a80145c6 100644
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -8,7 +8,6 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index 64886014..12344999 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -8,7 +8,6 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index b910b7fe..a79cf8a9 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -8,7 +8,6 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 04a5d329..32bd9896 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -8,7 +8,6 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index 51915f39..ad387d1c 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -8,7 +8,6 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id

From c47deaca7e3d808981e187886f987bbd6548496f Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:47:39 +0200
Subject: [PATCH 17/49] Revert "shoot-name label removed"

This reverts commit adf002904fdbae2717cdc7e5bcc5c69baa88a8ed.
---
 docs/adr/assets/runtime-examples/aws-freemium.yaml        | 1 +
 docs/adr/assets/runtime-examples/aws-minimal.yaml         | 1 +
 docs/adr/assets/runtime-examples/aws-trial.yaml           | 1 +
 docs/adr/assets/runtime-examples/aws.yaml                 | 1 +
 docs/adr/assets/runtime-examples/azure-fremium.yaml       | 1 +
 docs/adr/assets/runtime-examples/azure-lite.yaml          | 1 +
 docs/adr/assets/runtime-examples/azure.yaml               | 1 +
 docs/adr/assets/runtime-examples/gcp.yaml                 | 1 +
 docs/adr/assets/runtime-examples/sap-converged-cloud.yaml | 1 +
 9 files changed, 9 insertions(+)

diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index a5b90c0f..874a0203 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -8,6 +8,7 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index ff7e626f..7b6a76fb 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -8,6 +8,7 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index a222bfb9..f5397bba 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -8,6 +8,7 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index 8124ef2e..5f06a280 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -8,6 +8,7 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index a80145c6..ef8d8867 100644
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -8,6 +8,7 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index 12344999..64886014 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -8,6 +8,7 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index a79cf8a9..b910b7fe 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -8,6 +8,7 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 32bd9896..04a5d329 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -8,6 +8,7 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index ad387d1c..51915f39 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -8,6 +8,7 @@ metadata:
     kyma-project.io/broker-plan-name: plan-name
     kyma-project.io/global-account-id: global-account-id
     kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id

From 20029d584ad6728ebc0b716cf661cb167fe800ce Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:48:34 +0200
Subject: [PATCH 18/49] last changes reverted

---
 docs/adr/provisioning.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index cb5b3dbe..72c8cbfc 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -44,6 +44,7 @@ Please mind that the `Runtime` CR should contain the following labels:
  kyma-project.io/broker-plan-name: plan-name
  kyma-project.io/global-account-id: global-account-id
  kyma-project.io/subaccount-id: subAccount-id
+ kyma-project.io/shoot-name: shoot-name
  kyma-project.io/region: region
  operator.kyma-project.io/kyma-name: kymaName
 ```

From e63d3645ea90cd275c2e211c4e85f3047c1901d2 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:49:59 +0200
Subject: [PATCH 19/49] Update provisioning.md

---
 docs/adr/provisioning.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index 72c8cbfc..6879dcdd 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -74,6 +74,7 @@ spec:
           signingAlgs:
             - RS256
           usernameClaim: sub
+    # spec.shoot.provider is provided by the KEB, required
     provider:
       type: aws
       region: eu-central-1
@@ -161,7 +162,7 @@ spec:
               - RS256
             usernameClaim: sub
             usernamePrefix: 'someother'
-    ## spec.shoot.provider is provided by the KEB, required
+    # spec.shoot.provider is provided by the KEB, required
     provider:
       type: aws
       region: eu-central-1

From 512508096ed5d5da957ca36b3e096fc5a672aedb Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:50:50 +0200
Subject: [PATCH 20/49] Update provisioning.md

---
 docs/adr/provisioning.md | 2 --
 1 file changed, 2 deletions(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index 6879dcdd..fc873f96 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -78,7 +78,6 @@ spec:
     provider:
       type: aws
       region: eu-central-1
-      # We must consider whether it makes sense to move HAP into KIM
       secretBindingName: "hyperscaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:
@@ -166,7 +165,6 @@ spec:
     provider:
       type: aws
       region: eu-central-1
-      # We must consider whether it makes sense to move HAP into KIM
       secretBindingName: "hyperscaler secret"
     # spec.shoot.Networking is Provided by the KEB, required
     networking:

From 01c53d71db72c0a4eb9cd9272bedd6ccb5b9aa2f Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:51:39 +0200
Subject: [PATCH 21/49] Update provisioning.md

---
 docs/adr/provisioning.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index fc873f96..a8f1d754 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -84,7 +84,7 @@ spec:
       pods: 100.64.0.0/12
       nodes: 10.250.0.0/16
       services: 100.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    # spec.shoot.controlPlane is provided by the KEB, required
     controlPlane:
       highAvailability:
         failureTolerance:
@@ -171,7 +171,7 @@ spec:
       pods: 100.64.0.0/12
       nodes: 10.250.0.0/16
       services: 100.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    # spec.shoot.controlPlane is provided by the KEB, required
     controlPlane:
       highAvailability:
         failureTolerance:

From eca112aee1082dde648341600b155b07387cc1aa Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:52:53 +0200
Subject: [PATCH 22/49] Update provisioning.md

---
 docs/adr/provisioning.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index a8f1d754..ee93c700 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -111,7 +111,7 @@ spec:
   security:
     networking:
       filter:
-        # spec.security.networking is provided by the KEB, required
+        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
         egress:
           enabled: false
     # spec.security.administrators is provided by the KEB, required

From ff8a2f04a1c3d85a3adac91cd07f2ab494080b4a Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 15:53:31 +0200
Subject: [PATCH 23/49] Update provisioning.md

---
 docs/adr/provisioning.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index ee93c700..e99a7426 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -220,7 +220,7 @@ spec:
     administrators:
       - admin@myorg.com
 ```
-> Note: please mind that the additional OIDC providers, and ingress network filtering will not be implemented in teh first release.
+> Note: please mind that the additional OIDC providers, and ingress network filtering will not be implemented in the first release.
 
 Please, see the following examples to understand what CRs need to be created for particular KEB plans:
 - [AWS trial plan](assets/runtime-examples/aws-trial.yaml)

From c7468f0e39eddaeb3b7592882b66d498d0de4d7e Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 16:03:11 +0200
Subject: [PATCH 24/49] README in adr folder added

---
 docs/adr/README.md       |  2 ++
 docs/adr/provisioning.md | 16 ++++++++--------
 2 files changed, 10 insertions(+), 8 deletions(-)
 create mode 100644 docs/adr/README.md

diff --git a/docs/adr/README.md b/docs/adr/README.md
new file mode 100644
index 00000000..00b25f5f
--- /dev/null
+++ b/docs/adr/README.md
@@ -0,0 +1,2 @@
+This folder contains architecture decision records.
+
diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index e99a7426..bbf5a5eb 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -232,7 +232,7 @@ Please, see the following examples to understand what CRs need to be created for
 ## API structures
 
 ```go
-package v2
+package v1
 
 import (
 	gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1"
@@ -268,14 +268,14 @@ type Provider struct {
 }
 
 type Networking struct {
-	Pods     *string `json:"pods,omitempty"`
-	Nodes    *string `json:"nodes,omitempty"`
-	Services *string `json:"services,omitempty"`
+	Pods     string `json:"pods,omitempty"`
+	Nodes    string `json:"nodes,omitempty"`
+	Services string `json:"services,omitempty"`
 }
 
 type Kubernetes struct {
-	Version       string     `json:"version"`
-	KubeAPIServer *APIServer `json:"kubeAPIServer,omitempty"`
+	Version       string    `json:"version"`
+	KubeAPIServer APIServer `json:"kubeAPIServer,omitempty"`
 }
 
 type APIServer struct {
@@ -293,8 +293,8 @@ type NetworkingSecurity struct {
 }
 
 type Filter struct {
-	Ingress Ingress `json:"ingress"`
-	Egress  Egress  `json:"egress"`
+	Ingress *Ingress `json:"ingress"`
+	Egress  Egress   `json:"egress"`
 }
 
 type Ingress struct {

From 3d91dcb23824c819912697ad1ae26a5be76c50c2 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 16:04:52 +0200
Subject: [PATCH 25/49] README in adr folder added

---
 docs/adr/README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docs/adr/README.md b/docs/adr/README.md
index 00b25f5f..8e4669d2 100644
--- a/docs/adr/README.md
+++ b/docs/adr/README.md
@@ -1,2 +1,8 @@
+# Overview
+
 This folder contains architecture decision records.
 
+# Documents
+
+- [Provisioning functionality](./provisioning.md)
+

From fa9269b131f549e00d61c1cda7bea7a9fb1509c0 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 16:05:32 +0200
Subject: [PATCH 26/49] Update provisioning.md

---
 docs/adr/provisioning.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index bbf5a5eb..09a18926 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -1,5 +1,5 @@
 # Introduction
-This document defines architecture, and API for the provisioning functionality.
+This document defines architecture, and API for the Gardener cluster provisioning functionality.
 
 # Target architecture
 

From 35f213477d4e58350cd4d4cbbc06ec81d6a7d9fd Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Wed, 8 May 2024 16:06:04 +0200
Subject: [PATCH 27/49] Update provisioning.md

---
 docs/adr/provisioning.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index 09a18926..115c9113 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -6,7 +6,7 @@ This document defines architecture, and API for the Gardener cluster provisionin
 The following picture shows the agreed architecture:
 ![](./assets/keb-kim-target-arch.drawio.svg)
 
-> Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality in the Kyma Infrastructure Manager includes renaming the CR to maintain consistency.
+> Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality includes renaming the CR to maintain consistency.
 
 The following assumptions were taken:
 - KEB has the following responsibilities:

From 8c65e3a332fe42daecefb06710fcacacf1ea2bec Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Thu, 9 May 2024 11:06:18 +0200
Subject: [PATCH 28/49] Review remarks applied

---
 .../adr/assets/keb-kim-target-arch.drawio.svg |  2 +-
 .../assets/runtime-examples/aws-freemium.yaml |  1 +
 .../assets/runtime-examples/aws-minimal.yaml  |  1 +
 .../assets/runtime-examples/aws-trial.yaml    |  1 +
 docs/adr/assets/runtime-examples/aws.yaml     |  1 +
 .../runtime-examples/azure-fremium.yaml       |  1 +
 .../assets/runtime-examples/azure-lite.yaml   |  1 +
 docs/adr/assets/runtime-examples/azure.yaml   |  1 +
 docs/adr/assets/runtime-examples/gcp.yaml     |  1 +
 .../runtime-examples/sap-converged-cloud.yaml |  1 +
 docs/adr/provisioning.md                      | 57 ++++++++++++-------
 11 files changed, 45 insertions(+), 23 deletions(-)

diff --git a/docs/adr/assets/keb-kim-target-arch.drawio.svg b/docs/adr/assets/keb-kim-target-arch.drawio.svg
index 439cb4ba..b53f8f70 100644
--- a/docs/adr/assets/keb-kim-target-arch.drawio.svg
+++ b/docs/adr/assets/keb-kim-target-arch.drawio.svg
@@ -1,4 +1,4 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!-- Do not edit this file with editors other than draw.io -->
 <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="822px" height="591px" viewBox="-0.5 -0.5 822 591" content="&lt;mxfile host=&quot;app.diagrams.net&quot; modified=&quot;2024-05-08T12:21:32.566Z&quot; agent=&quot;Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36&quot; etag=&quot;9fDpxlZcrvNXN_X_p45L&quot; scale=&quot;1&quot; border=&quot;0&quot; version=&quot;24.3.1&quot; type=&quot;device&quot;&gt;&#10;  &lt;diagram name=&quot;Page-1&quot; id=&quot;0ahoYHhgpX2lhLgWHN-l&quot;&gt;&#10;    &lt;mxGraphModel dx=&quot;577&quot; dy=&quot;1271&quot; grid=&quot;1&quot; gridSize=&quot;10&quot; guides=&quot;1&quot; tooltips=&quot;1&quot; connect=&quot;1&quot; arrows=&quot;1&quot; fold=&quot;1&quot; page=&quot;1&quot; pageScale=&quot;1&quot; pageWidth=&quot;850&quot; pageHeight=&quot;1100&quot; math=&quot;0&quot; shadow=&quot;0&quot;&gt;&#10;      &lt;root&gt;&#10;        &lt;mxCell id=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;1&quot; parent=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot; value=&quot;&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;dashed=1&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;141&quot; y=&quot;150&quot; width=&quot;690&quot; height=&quot;580&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;2&quot; value=&quot;Kyma Environment Broker&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;170&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;3&quot; value=&quot;BTP&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;10&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;4&quot; value=&quot;Kyma Infrastructure Manager&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;510&quot; y=&quot;360&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;5&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;3&quot; target=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;130&quot; y=&quot;460&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;180&quot; y=&quot;410&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;320&quot; y=&quot;290&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;340&quot; y=&quot;310&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;8&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; target=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;520&quot; y=&quot;310&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;670&quot; y=&quot;240&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;582&quot; y=&quot;310&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;9&quot; value=&quot;Gardener&quot; style=&quot;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;750&quot; y=&quot;350&quot; width=&quot;80&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;10&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;660&quot; y=&quot;380&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;710&quot; y=&quot;330&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;12&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;700&quot; y=&quot;570&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;570&quot; y=&quot;490&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;13&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;290&quot; y=&quot;380&quot; width=&quot;90&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;14&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;600&quot; y=&quot;460&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;15&quot; value=&quot;1&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;310&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;16&quot; value=&quot;2&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;590&quot; y=&quot;290&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;17&quot; value=&quot;3&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;660&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;18&quot; value=&quot;Start provisioning&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;540&quot; y=&quot;260&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;19&quot; value=&quot;Create shoot CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;620&quot; y=&quot;310&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;20&quot; style=&quot;edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;&quot; parent=&quot;1&quot; source=&quot;17&quot; target=&quot;17&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry relative=&quot;1&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;21&quot; value=&quot;4&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;610&quot; y=&quot;427&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;22&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;420&quot; y=&quot;530&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;470&quot; y=&quot;480&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;390&quot; /&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;590&quot; /&gt;&#10;              &lt;mxPoint x=&quot;800&quot; y=&quot;590&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;23&quot; value=&quot;5&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;379&quot; y=&quot;440&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;24&quot; value=&quot;Fetch kubeconfig&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;369&quot; y=&quot;480&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-25&quot; value=&quot;Runtime CRD&amp;amp;nbsp;contains details of the cluster&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;370&quot; y=&quot;190&quot; width=&quot;120&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-26&quot; value=&quot;RuntimeKubeconfig&amp;amp;nbsp;CRD contains data needed to fetch kubeconfig. &amp;lt;b&amp;gt;&amp;amp;nbsp;&amp;lt;/b&amp;gt;&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;490&quot; y=&quot;610&quot; width=&quot;190&quot; height=&quot;100&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-32&quot; value=&quot;Kyma Control Plane&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;640&quot; y=&quot;160&quot; width=&quot;170&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-24&quot; value=&quot;RuntimeKubeconfig CR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;485&quot; y=&quot;490&quot; width=&quot;170&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-25&quot; value=&quot;Runtime CR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;340&quot; y=&quot;280&quot; width=&quot;180&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;mGOWFElGAteea3bxPiqX-24&quot; style=&quot;edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;&quot; edge=&quot;1&quot; parent=&quot;1&quot; source=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot; target=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot;&gt;&#10;          &lt;mxGeometry relative=&quot;1&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;      &lt;/root&gt;&#10;    &lt;/mxGraphModel&gt;&#10;  &lt;/diagram&gt;&#10;&lt;/mxfile&gt;&#10;"><defs/><g><g><rect x="131" y="0" width="690" height="580" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="740" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 741px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="780" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 720.5 235 L 720.5 224.5 L 739.5 240 L 720.5 255.5 L 720.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 785 435 L 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54 L 795 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 785 304.54 L 774.5 304.54 L 790 279.54 L 805.5 304.54 L 795 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CRD contains...</text></switch></g></g><g><path d="M 480 460 L 670 460 L 670 545 Q 622.5 518 575 545 Q 527.5 572 480 545 L 480 475 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 495px; margin-left: 481px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CRD contains data needed to fetch kubeconfig. <b> </b></div></div></div></foreignObject><text x="575" y="499" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CRD contains...</text></switch></g></g><g><rect x="630" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 631px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="715" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CR</text></switch></g></g><g/></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="851px" height="591px" viewBox="-0.5 -0.5 851 591" content="&lt;mxfile host=&quot;app.diagrams.net&quot; modified=&quot;2024-05-09T08:35:35.937Z&quot; agent=&quot;Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36&quot; etag=&quot;SLstISsH5nRcHgYSm9at&quot; scale=&quot;1&quot; border=&quot;0&quot; version=&quot;24.3.1&quot; type=&quot;device&quot;&gt;&#10;  &lt;diagram name=&quot;Page-1&quot; id=&quot;0ahoYHhgpX2lhLgWHN-l&quot;&gt;&#10;    &lt;mxGraphModel dx=&quot;1217&quot; dy=&quot;631&quot; grid=&quot;1&quot; gridSize=&quot;10&quot; guides=&quot;1&quot; tooltips=&quot;1&quot; connect=&quot;1&quot; arrows=&quot;1&quot; fold=&quot;1&quot; page=&quot;1&quot; pageScale=&quot;1&quot; pageWidth=&quot;850&quot; pageHeight=&quot;1100&quot; math=&quot;0&quot; shadow=&quot;0&quot;&gt;&#10;      &lt;root&gt;&#10;        &lt;mxCell id=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;1&quot; parent=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot; value=&quot;&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;dashed=1&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;141&quot; y=&quot;150&quot; width=&quot;599&quot; height=&quot;580&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;2&quot; value=&quot;Kyma Environment Broker&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;170&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;3&quot; value=&quot;BTP&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;10&quot; y=&quot;280&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;4&quot; value=&quot;Kyma Infrastructure Manager&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;510&quot; y=&quot;360&quot; width=&quot;120&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;5&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;3&quot; target=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;130&quot; y=&quot;460&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;180&quot; y=&quot;410&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;&quot; parent=&quot;1&quot; source=&quot;2&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;320&quot; y=&quot;290&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;340&quot; y=&quot;310&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;8&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.596;entryY=-0.017;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; target=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;520&quot; y=&quot;310&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;670&quot; y=&quot;240&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;582&quot; y=&quot;310&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;9&quot; value=&quot;Gardener&quot; style=&quot;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;780&quot; y=&quot;350&quot; width=&quot;80&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;10&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;660&quot; y=&quot;380&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;710&quot; y=&quot;330&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;12&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; height=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;700&quot; y=&quot;570&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;570&quot; y=&quot;490&quot; as=&quot;targetPoint&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;13&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;290&quot; y=&quot;380&quot; width=&quot;90&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;14&quot; value=&quot;Create CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;600&quot; y=&quot;460&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;15&quot; value=&quot;1&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;310&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;16&quot; value=&quot;2&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;590&quot; y=&quot;290&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;17&quot; value=&quot;3&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;660&quot; y=&quot;340&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;18&quot; value=&quot;Start provisioning&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;540&quot; y=&quot;260&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;19&quot; value=&quot;Create shoot CR&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;620&quot; y=&quot;310&quot; width=&quot;140&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;20&quot; style=&quot;edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;&quot; parent=&quot;1&quot; source=&quot;17&quot; target=&quot;17&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry relative=&quot;1&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;21&quot; value=&quot;4&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;610&quot; y=&quot;427&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;22&quot; value=&quot;&quot; style=&quot;shape=flexArrow;endArrow=classic;html=1;rounded=0;fontSize=12;startSize=8;endSize=8;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=0.625;entryY=0.988;entryDx=0;entryDy=0;entryPerimeter=0;&quot; parent=&quot;1&quot; source=&quot;4&quot; target=&quot;9&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;50&quot; height=&quot;50&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;420&quot; y=&quot;530&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;470&quot; y=&quot;480&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;390&quot; /&gt;&#10;              &lt;mxPoint x=&quot;440&quot; y=&quot;590&quot; /&gt;&#10;              &lt;mxPoint x=&quot;830&quot; y=&quot;590&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;23&quot; value=&quot;5&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;aspect=fixed;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;379&quot; y=&quot;440&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;24&quot; value=&quot;Fetch kubeconfig&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;369&quot; y=&quot;480&quot; width=&quot;60&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-25&quot; value=&quot;Runtime CRD&amp;amp;nbsp;contains details of the cluster&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;370&quot; y=&quot;190&quot; width=&quot;120&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;uJiPobTpmp8qSl2DZlkU-26&quot; value=&quot;RuntimeKubeconfig&amp;amp;nbsp;CRD contains data needed to fetch kubeconfig. &amp;lt;b&amp;gt;&amp;amp;nbsp;&amp;lt;/b&amp;gt;&quot; style=&quot;shape=document;whiteSpace=wrap;html=1;boundedLbl=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;490&quot; y=&quot;610&quot; width=&quot;190&quot; height=&quot;100&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;6NZ_8cFfOJs-itlOXwdO-32&quot; value=&quot;Kyma Control Plane&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=16;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;560&quot; y=&quot;160&quot; width=&quot;170&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-24&quot; value=&quot;RuntimeKubeconfig CR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;485&quot; y=&quot;490&quot; width=&quot;170&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;nGG45oqGqh6GDVyRlN8J-25&quot; value=&quot;Runtime CR&quot; style=&quot;rounded=0;whiteSpace=wrap;html=1;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;340&quot; y=&quot;280&quot; width=&quot;180&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;mGOWFElGAteea3bxPiqX-24&quot; style=&quot;edgeStyle=none;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=12;startSize=8;endSize=8;&quot; parent=&quot;1&quot; source=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot; target=&quot;6NZ_8cFfOJs-itlOXwdO-31&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry relative=&quot;1&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;      &lt;/root&gt;&#10;    &lt;/mxGraphModel&gt;&#10;  &lt;/diagram&gt;&#10;&lt;/mxfile&gt;&#10;"><defs/><g><g><rect x="131" y="0" width="599" height="580" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/></g><g><rect x="160" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 161px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Environment Broker</div></div></div></foreignObject><text x="220" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Environment Bro...</text></switch></g></g><g><rect x="0" y="130" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">BTP</div></div></div></foreignObject><text x="60" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">BTP</text></switch></g></g><g><rect x="500" y="210" width="120" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 240px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Infrastructure Manager</div></div></div></foreignObject><text x="560" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Kyma Infrastructure...</text></switch></g></g><g><path d="M 120.5 165 L 120.5 155 L 140.5 155 L 140.5 144.5 L 159.5 160 L 140.5 175.5 L 140.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 280.5 165 L 280.5 155 L 310.5 155 L 310.5 144.5 L 329.5 160 L 310.5 175.5 L 310.5 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155 L 577.05 155 L 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43 L 566.95 165 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 529.5 165 L 529.5 175.5 L 510.5 160 L 529.5 144.5 L 529.5 155" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/><path d="M 576.71 189.53 L 587.21 189.63 L 571.52 208.48 L 556.21 189.33 L 566.71 189.43" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><rect x="770" y="200" width="80" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 240px; margin-left: 771px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Gardener</div></div></div></foreignObject><text x="810" y="244" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Gardener</text></switch></g></g><g><path d="M 620.5 245 L 620.5 235 L 750.5 235 L 750.5 224.5 L 769.5 240 L 750.5 255.5 L 750.5 245 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><path d="M 555 295.5 L 544.5 295.5 L 560 270.5 L 575.5 295.5 L 565 295.5 L 565 314.5 L 575.5 314.5 L 560 339.5 L 544.5 314.5 L 555 314.5 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><rect x="280" y="230" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 281px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="325" y="249" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><rect x="590" y="310" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 325px; margin-left: 591px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create CR</div></div></div></foreignObject><text x="620" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create CR</text></switch></g></g><g><ellipse cx="320" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 301px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">1</div></div></div></foreignObject><text x="320" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1</text></switch></g></g><g><ellipse cx="600" cy="160" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 160px; margin-left: 581px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">2</div></div></div></foreignObject><text x="600" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">2</text></switch></g></g><g><ellipse cx="670" cy="210" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 210px; margin-left: 651px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">3</div></div></div></foreignObject><text x="670" y="214" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3</text></switch></g></g><g><rect x="530" y="110" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 125px; margin-left: 531px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Start provisioning</div></div></div></foreignObject><text x="600" y="129" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Start provisioning</text></switch></g></g><g><rect x="610" y="160" width="140" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 175px; margin-left: 611px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Create shoot CR</div></div></div></foreignObject><text x="680" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Create shoot CR</text></switch></g></g><g/><g><ellipse cx="620" cy="297" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 297px; margin-left: 601px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">4</div></div></div></foreignObject><text x="620" y="301" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">4</text></switch></g></g><g><path d="M 499.5 235 L 499.5 245 L 435 245 L 435 435 L 815 435 L 815 304.54 L 804.5 304.54 L 820 279.54 L 835.5 304.54 L 825 304.54 L 825 445 L 425 445 L 425 235 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="1.42" pointer-events="all"/><path d="M 815 304.54 L 804.5 304.54 L 820 279.54 L 835.5 304.54 L 825 304.54" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="4" pointer-events="all"/></g><g><ellipse cx="389" cy="310" rx="20" ry="20" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 310px; margin-left: 370px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">5</div></div></div></foreignObject><text x="389" y="314" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">5</text></switch></g></g><g><rect x="359" y="330" width="60" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 345px; margin-left: 360px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Fetch kubeconfig</div></div></div></foreignObject><text x="389" y="349" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Fetch kube...</text></switch></g></g><g><path d="M 360 40 L 480 40 L 480 108 Q 450 86.4 420 108 Q 390 129.6 360 108 L 360 52 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 68px; margin-left: 361px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CRD contains details of the cluster</div></div></div></foreignObject><text x="420" y="72" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CRD contains...</text></switch></g></g><g><path d="M 480 460 L 670 460 L 670 545 Q 622.5 518 575 545 Q 527.5 572 480 545 L 480 475 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 188px; height: 1px; padding-top: 495px; margin-left: 481px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CRD contains data needed to fetch kubeconfig. <b> </b></div></div></div></foreignObject><text x="575" y="499" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CRD contains...</text></switch></g></g><g><rect x="550" y="10" width="170" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 25px; margin-left: 551px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 16px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Kyma Control Plane</div></div></div></foreignObject><text x="635" y="30" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="16px" text-anchor="middle">Kyma Control Plane</text></switch></g></g><g><rect x="475" y="340" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 370px; margin-left: 476px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">RuntimeKubeconfig CR</div></div></div></foreignObject><text x="560" y="374" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">RuntimeKubeconfig CR</text></switch></g></g><g><rect x="330" y="130" width="180" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 160px; margin-left: 331px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Runtime CR</div></div></div></foreignObject><text x="420" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Runtime CR</text></switch></g></g><g/></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg>
\ No newline at end of file
diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index 874a0203..0a938793 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -10,6 +10,7 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
+    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index 7b6a76fb..df882352 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -10,6 +10,7 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
+    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index f5397bba..afb7909d 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -10,6 +10,7 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
+    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index 5f06a280..7f00d576 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -10,6 +10,7 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
+    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index ef8d8867..e503843b 100644
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -10,6 +10,7 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
+    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index 64886014..1b405683 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -10,6 +10,7 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
+    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index b910b7fe..efe49305 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -10,6 +10,7 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
+    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 04a5d329..175e57d0 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -10,6 +10,7 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
+    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index 51915f39..bfa45b4b 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -10,6 +10,7 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
+    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index 115c9113..ff3dfd20 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -9,28 +9,40 @@ The following picture shows the agreed architecture:
 > Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality includes renaming the CR to maintain consistency.
 
 The following assumptions were taken:
-- KEB has the following responsibilities:
-    - Creating `Runtime` CR containing the following data:
-      - Provider config (type, region, and secret with credentials for hyperscaler)
-      - Worker pool specification
-      - Cluster networking settings (nodes, pods, and services API ranges)
-      - OIDC settings
-      - Cluster administrators list
-      - Egress network filter settings
-      - Control Plane failure tolerance config
-    - Observing status of the CR to determine whether provisioning succeeded
-- Kyma Infrastructure Manager has the following responsibilities:
-    - Creating shoots based on:
-      - Corresponding `Runtime` CR properties
-      - Predefined defaults for the optional properties:
-        - Kubernetes version
-        - Machine image version
-      - Predefined configuration for the following extensions:
-        - DNS 
-        - Certificates
-    - Upgrading, and deleting shoots for corresponding `Runtime` CRs
-    - Applying audit log configuration on the shoot resource
-    - Generating kubeconfig
+- Kyma Environment Broker should not contain all the details of the cluster infrastructure.
+- Kyma Infrastructure Manager's API should expose properties that:
+  - can be set in the BTP cockpit by the user
+  - are directly related to plans in the KEB
+- Kyma Infrastructure Manager's API should not expose properties that are:
+  - hardcoded in the Provisioner, or the KEB
+  - statically configured in the management-plane-config
+
+The Kyma Environment Broker has the following responsibilities:  
+- Creating `Runtime` CR containing the following data:
+    - Provider config (type, region, and secret with credentials for hyperscaler)
+    - Worker pool specification
+    - Cluster networking settings (nodes, pods, and services API ranges)
+    - OIDC settings
+    - Cluster administrators list
+    - Egress network filter settings
+    - Control Plane failure tolerance config
+  - Observing status of the CR to determine whether provisioning succeeded
+
+ The Kyma Infrastructure Manager has the following responsibilities:
+- Creating shoots based on:
+   - Corresponding `Runtime` CR properties
+   - Corresponding `Runtime` CR labels:
+     -  `kyma-project.io/platform-region` for determining if the cluster is located in EU 
+   - Predefined defaults for the optional properties:
+     - Kubernetes version
+     - Machine image version
+   - Predefined configuration for the following functionalities:
+     - configuring DNS extension 
+     - configuring Certificates extension
+     - providing maintenance settings (Kubernetes, and image autoupdates)
+ - Upgrading, and deleting shoots for corresponding `Runtime` CRs
+ - Applying audit log configuration on the shoot resource
+ - Generating kubeconfig
 
 # API proposal
 
@@ -46,6 +58,7 @@ Please mind that the `Runtime` CR should contain the following labels:
  kyma-project.io/subaccount-id: subAccount-id
  kyma-project.io/shoot-name: shoot-name
  kyma-project.io/region: region
+ kyma-project.io/platform-region: platform-region
  operator.kyma-project.io/kyma-name: kymaName
 ```
 

From a3147e6a0e4addd1e2d4df95e2fbe94758f2d72d Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Thu, 9 May 2024 11:07:57 +0200
Subject: [PATCH 29/49] Update provisioning.md

---
 docs/adr/provisioning.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index ff3dfd20..f9125231 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -3,7 +3,7 @@ This document defines architecture, and API for the Gardener cluster provisionin
 
 # Target architecture
 
-The following picture shows the agreed architecture:
+The following picture shows the proposed architecture:
 ![](./assets/keb-kim-target-arch.drawio.svg)
 
 > Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality includes renaming the CR to maintain consistency.

From ce71c36dfa0b90a848204f685fb7a0c359e6e261 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Thu, 9 May 2024 11:09:59 +0200
Subject: [PATCH 30/49] Update provisioning.md

---
 docs/adr/provisioning.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index f9125231..c1b2bbc1 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -26,7 +26,7 @@ The Kyma Environment Broker has the following responsibilities:
     - Cluster administrators list
     - Egress network filter settings
     - Control Plane failure tolerance config
-  - Observing status of the CR to determine whether provisioning succeeded
+- Observing status of the CR to determine whether provisioning succeeded
 
  The Kyma Infrastructure Manager has the following responsibilities:
 - Creating shoots based on:

From 506e938779cfdb2c054dcd5a1a93acdb3c887cf9 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Thu, 9 May 2024 13:52:05 +0200
Subject: [PATCH 31/49] Apply suggestions from code review

Co-authored-by: Grzegorz Karaluch <grzegorz.karaluch@sap.com>
---
 docs/adr/provisioning.md | 46 ++++++++++++++++++++--------------------
 1 file changed, 23 insertions(+), 23 deletions(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index c1b2bbc1..38fb3649 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -1,24 +1,24 @@
 # Introduction
-This document defines architecture, and API for the Gardener cluster provisioning functionality.
+This document defines the architecture and API for the Gardener cluster provisioning functionality.
 
 # Target architecture
 
-The following picture shows the proposed architecture:
+The following diagram shows the proposed architecture:
 ![](./assets/keb-kim-target-arch.drawio.svg)
 
-> Note: at the time of writing the `GardenerCluster` CR is used for generating kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality includes renaming the CR to maintain consistency.
+> Note: At the time of writing, the GardenerCluster CR was used to generate kubeconfig. The [workplan](https://github.com/kyma-project/infrastructure-manager/issues/112) for delivering provisioning functionality includes renaming the CR to maintain consistency.
 
 The following assumptions were taken:
-- Kyma Environment Broker should not contain all the details of the cluster infrastructure.
-- Kyma Infrastructure Manager's API should expose properties that:
+- Kyma Environment Broker must not contain all the details of the cluster infrastructure.
+- Kyma Infrastructure Manager's API must expose properties that:
   - can be set in the BTP cockpit by the user
   - are directly related to plans in the KEB
-- Kyma Infrastructure Manager's API should not expose properties that are:
+- Kyma Infrastructure Manager's API must not expose properties that are:
   - hardcoded in the Provisioner, or the KEB
   - statically configured in the management-plane-config
 
-The Kyma Environment Broker has the following responsibilities:  
-- Creating `Runtime` CR containing the following data:
+Kyma Environment Broker has the following responsibilities:  
+- Create Runtime CR containing the following data:
     - Provider config (type, region, and secret with credentials for hyperscaler)
     - Worker pool specification
     - Cluster networking settings (nodes, pods, and services API ranges)
@@ -26,10 +26,10 @@ The Kyma Environment Broker has the following responsibilities:
     - Cluster administrators list
     - Egress network filter settings
     - Control Plane failure tolerance config
-- Observing status of the CR to determine whether provisioning succeeded
+- Observe the status of the CR to determine whether provisioning succeeded
 
- The Kyma Infrastructure Manager has the following responsibilities:
-- Creating shoots based on:
+ Kyma Infrastructure Manager has the following responsibilities:
+- Create shoots based on:
    - Corresponding `Runtime` CR properties
    - Corresponding `Runtime` CR labels:
      -  `kyma-project.io/platform-region` for determining if the cluster is located in EU 
@@ -40,15 +40,15 @@ The Kyma Environment Broker has the following responsibilities:
      - configuring DNS extension 
      - configuring Certificates extension
      - providing maintenance settings (Kubernetes, and image autoupdates)
- - Upgrading, and deleting shoots for corresponding `Runtime` CRs
- - Applying audit log configuration on the shoot resource
- - Generating kubeconfig
+ - Upgrade and delete shoots for the corresponding `Runtime` CRs
+ - Apply the audit log configuration on the shoot resource
+ - Generate the kubeconfig
 
 # API proposal
 
 ## CR examples
 
-Please mind that the `Runtime` CR should contain the following labels:
+MInd that the Runtime CR must contain the following labels:
 ```yaml
  kyma-project.io/instance-id: instance-id
  kyma-project.io/runtime-id: runtime-id
@@ -64,7 +64,7 @@ Please mind that the `Runtime` CR should contain the following labels:
 
 The labels are skipped in the following examples due to clarity.
 
-The example below shows the CR that should be created by the KEB to provision AWS production cluster:
+The example below shows the CR that must be created by the KEB to provision the AWS production cluster:
 ```yaml
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
@@ -133,13 +133,13 @@ spec:
 ```
 
 There are some additional optional fields that could be specified:
-- `spec.shoot.kubernetes.version` ; if not provided default value will be read by the KIM from configuration
-- `spec.shoot.workers.machine.image` ; if not provided default value will be read by the KIM from configuration
-- `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no addition OIDC provider will be configured
-- `spec.shoot.workers.name` ; if not provided, some hardcoded name will be used
-- `spec.security.networking.filtering.ingress.enabled` ; if not provided `false` value will be used
+- `spec.shoot.kubernetes.version` ; if not provided, the default value will be read by the KIM from the configuration
+- `spec.shoot.workers.machine.image` ; if not provided, the default value will be read by the KIM from the configuration
+- `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no additional OIDC provider will be configured
+- `spec.shoot.workers.name` ; if not provided, a hardcoded name will be used
+- `spec.security.networking.filtering.ingress.enabled` ; if not provided, the `false` value will be used
 
-The following example shows what `Runtime` CR should be created to provision a cluster with additional OIDC provider, and ingress network filtering enabled:
+The following example shows the Runtime CR that must be created to provision a cluster with an additional OIDC provider and to enable ingress network filtering:
 ```yaml
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
@@ -235,7 +235,7 @@ spec:
 ```
 > Note: please mind that the additional OIDC providers, and ingress network filtering will not be implemented in the first release.
 
-Please, see the following examples to understand what CRs need to be created for particular KEB plans:
+Please see the following examples to understand what CRs must be created for particular KEB plans:
 - [AWS trial plan](assets/runtime-examples/aws-trial.yaml)
 - [Azure](assets/runtime-examples/azure.yaml)
 - [Azure lite](assets/runtime-examples/azure-lite.yaml)

From a00237d10520368698c1ca7dc693c3a6096249cf Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Thu, 9 May 2024 18:01:10 +0200
Subject: [PATCH 32/49] Minor refactoring

---
 .../assets/runtime-examples/aws-freemium.yaml |  46 ++++----
 .../assets/runtime-examples/aws-minimal.yaml  |  33 +++---
 .../assets/runtime-examples/aws-trial.yaml    |  33 +++---
 docs/adr/assets/runtime-examples/aws.yaml     |  44 ++++----
 .../runtime-examples/azure-fremium.yaml       |  33 +++---
 .../assets/runtime-examples/azure-lite.yaml   |  39 +++----
 docs/adr/assets/runtime-examples/azure.yaml   |  43 ++++----
 docs/adr/assets/runtime-examples/gcp.yaml     |  43 ++++----
 .../runtime-examples/sap-converged-cloud.yaml |  39 +++----
 docs/adr/provisioning.md                      | 100 ++++++++++--------
 10 files changed, 234 insertions(+), 219 deletions(-)

diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index 0a938793..70067d62 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -16,13 +16,17 @@ metadata:
   namespace: kcp-system
 spec:
   shoot:
-    # Set by the KEB, required
+    # spec.shoot.name is required
     name: shoot-name
-    # Set by the KEB, required
+    # spec.shoot.purpose is required
     purpose: evaluation
+    # spec.shoot.region is required
+    region: eu-central-1
+    # spec.shoot.secretBindingName is required
+    secretBindingName: "hyperscaler secret"
     kubernetes:
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -31,56 +35,52 @@ spec:
             - RS256
           usernameClaim: sub
     provider:
-      ## Provided by the KEB, required
       type: aws
-      ## Provided by the KEB, required
-      region: eu-central-1
-      # Provided by the KEB, required.
-      # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hyperscaler secret"
+    # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
       nodes: 10.250.0.0/16
       services: 100.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, required
+    # spec.shoot.controlPlane is required
     controlPlane:
       highAvailability:
         failureTolerance:
           type: zone
     workers:
       - machine:
-          # Set by the KEB, required
+          # spec.shoot.workers.machine.type is required
           type: m5.xlarge
-          # Optional, when not provider default will be used
+          # spec.shoot.workers.machine.image is optional, when not provider default will be used
           # Will be modified by the SRE
           image:
             name: gardenlinux
             version: 1312.3.0
-        # Provided by the KEB, required for the first release
-        # Finally can be moved into KIM, as it is hardcoded in KEB
+        # spec.shoot.workers.volume is required for the first release
+        # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
         volume:
           type: gp2
           size: 50Gi
-        # Provided by the KEB, required
+        # spec.shoot.workers.zones is required
         zones:
           - eu-central-1a
-        # Optional, if not provided default will be used
+        # spec.shoot.workers.name is optional, if not provided default will be used
         name: cpu-worker-0
-        # Provided by the KEB, required
+        # spec.shoot.workers.minimum is required
         minimum: 1
-        # Provided by the KEB, required
+        # spec.shoot.workers.maximum is required
         maximum: 1
-        # Provided by the KEB, required in the first release.
-        # It can be optional removed in the future, as it equals to zone count
+        # spec.shoot.workers.maxSurge is required in the first release.
+        # It can be optional in the future, as it equals to zone count
         maxSurge: 1
-        # Provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxUnavailable is required in the first release.
+        # It can be optional in the future, as it is always set to 0
         maxUnavailable:  0
   security:
     networking:
       filter:
-        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        # spec.security.networking.filter.egress.enabled is required
         egress:
           enabled: false
-    # Provided by the KEB, required
+    # spec.security.administrators is required
     administrators:
       - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index df882352..6c4bf1f0 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -16,13 +16,17 @@ metadata:
   namespace: kcp-system
 spec:
   shoot:
-    # spec.shoot.name is set by the KEB, required
+    # spec.shoot.name is required
     name: shoot-name
-    # spec.shoot.purpose is set by the KEB, required
+    # spec.shoot.purpose is required
     purpose: production
+    # spec.shoot.region is required
+    region: eu-central-1
+    # spec.shoot.secretBindingName is required
+    secretBindingName: "hyperscaler secret"
     kubernetes:
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -32,44 +36,41 @@ spec:
           usernameClaim: sub
     provider:
       type: aws
-      region: eu-central-1
-      # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hyperscaler secret"
-    # spec.shoot.Networking is Provided by the KEB, required
+    # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
       nodes: 10.250.0.0/16
       services: 100.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, required
+    # spec.shoot.controlPlane is required
     controlPlane:
       highAvailability:
         failureTolerance:
           type: node
     workers:
       - machine:
-          # spec.shoot.workers.machine.type provided by the KEB, required
+          # spec.shoot.workers.machine.type is required
           type: m6i.large
-        # spec.shoot.workers.zones is provided by the KEB, required
+        # spec.shoot.workers.zones is required
         zones:
           - eu-central-1a
           - eu-central-1b
           - eu-central-1c
-        # spec.shoot.workers.minimum is provided by the KEB, required
+        # spec.shoot.workers.minimum is required
         minimum: 3
-        # spec.shoot.workers.maximum is provided by the KEB, required
+        # spec.shoot.workers.maximum is required
         maximum: 20
-        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxSurge is required in the first release.
         # It can be optional in the future, as it equals to zone count
         maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxUnavailable is required in the first release.
         # It can be optional in the future, as it is always set to 0
         maxUnavailable:  0
   security:
     networking:
       filter:
-        # spec.security.networking is provided by the KEB, required
+        # spec.security.networking is required
         egress:
           enabled: false
-    # spec.security.administrators is provided by the KEB, required
+    # spec.security.administrators is required
     administrators:
       - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index afb7909d..1f4517d1 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -16,13 +16,17 @@ metadata:
   namespace: kcp-system
 spec:
   shoot:
-    # spec.shoot.name is set by the KEB, required
+    # spec.shoot.name is required
     name: shoot-name
-    # spec.shoot.purpose is set by the KEB, required
+    # spec.shoot.purpose is required
     purpose: evaluation
+    # spec.shoot.region is required
+    region: eu-central-1
+    # spec.shoot.secretBindingName is required
+    secretBindingName: "hyperscaler secret"
     kubernetes:
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -32,42 +36,39 @@ spec:
           usernameClaim: sub
     provider:
       type: aws
-      region: eu-central-1
-      # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hyperscaler secret"
-    # spec.shoot.Networking is Provided by the KEB, required
+    # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
       nodes: 10.250.0.0/22
       services: 10.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, required
+    # spec.shoot.controlPlane is required
     controlPlane:
       highAvailability:
         failureTolerance:
           type: zone
     workers:
       - machine:
-          # spec.shoot.workers.machine.type provided by the KEB, required
+          # spec.shoot.workers.machine.type is required
           type: mx5.large
-        # spec.shoot.workers.zones is provided by the KEB, required
+        # spec.shoot.workers.zones is required
         zones:
           - eu-central-1a
-        # spec.shoot.workers.minimum is provided by the KEB, required
+        # spec.shoot.workers.minimum is required
         minimum: 1
-        # spec.shoot.workers.maximum is provided by the KEB, required
+        # spec.shoot.workers.maximum is required
         maximum: 1
-        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxSurge is required in the first release.
         # It can be optional in the future, as it equals to zone count
         maxSurge: 1
-        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxUnavailable is required in the first release.
         # It can be optional in the future, as it is always set to 0
         maxUnavailable:  0
   security:
     networking:
       filter:
-        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        # spec.security.networking.filter.egress.enabled is required
         egress:
           enabled: false
-    # spec.security.administrators is provided by the KEB, required
+    # spec.security.administrators is required
     administrators:
       - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index 7f00d576..bf75089d 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -16,16 +16,20 @@ metadata:
   namespace: kcp-system
 spec:
   shoot:
-    # spec.shoot.name is set by the KEB, required
+    # spec.shoot.name is required
     name: shoot-name
-    # spec.shoot.purpose is set by the KEB, required
+    # spec.shoot.purpose is required
     purpose: production
-    # Will be modified by the SRE
+    # spec.shoot.region is required
+    region: eu-central-1
+    # spec.shoot.secretBindingName is required
+    secretBindingName: "hyperscaler secret"
     kubernetes:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
+      # Will be modified by the SRE
       version: "1.28.7"
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -33,7 +37,7 @@ spec:
           signingAlgs:
           - RS256
           usernameClaim: sub
-        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+        # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
         additionalOidcConfig:
           - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
             groupsClaim: groups
@@ -42,61 +46,59 @@ spec:
               - RS256
             usernameClaim: sub
             usernamePrefix: 'someother'
-    ## spec.shoot.provider is provided by the KEB, required
+    ## spec.shoot.provider is required
     provider:
       type: aws
-      region: eu-central-1
-      secretBindingName: "hyperscaler secret"
-    # spec.shoot.Networking is Provided by the KEB, required
+    # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
       nodes: 10.250.0.0/16
       services: 100.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, required
+    # spec.shoot.controlPlane is required
     controlPlane:
       highAvailability:
         failureTolerance:
           type: zone
     workers:
       - machine:
-          # spec.shoot.workers.machine.type provided by the KEB, required
+          # spec.shoot.workers.machine.type is required
           type: m6i.large
           # spec.shoot.workers.machine.image is optional, when not provider default will be used
           # Will be modified by the SRE
           image:
             name: gardenlinux
             version: 1312.3.0
-        # spec.shoot.workers.volume is provided by the KEB, required for the first release
+        # spec.shoot.workers.volume is required for the first release
         # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
         volume:
           type: gp2
           size: 50Gi
-        # spec.shoot.workers.zones is provided by the KEB, required
+        # spec.shoot.workers.zones is required
         zones:
           - eu-central-1a
           - eu-central-1b
           - eu-central-1c
-        # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+        # spec.shoot.workers.name is optional, if not provided default will be used
         name: cpu-worker-0
-        # spec.shoot.workers.minimum is provided by the KEB, required
+        # spec.shoot.workers.minimum is required
         minimum: 3
-        # spec.shoot.workers.maximum is provided by the KEB, required
+        # spec.shoot.workers.maximum is required
         maximum: 20
-        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxSurge is required in the first release.
         # It can be optional in the future, as it equals to zone count
         maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxUnavailable is required in the first release.
         # It can be optional in the future, as it is always set to 0
         maxUnavailable:  0
   security:
     networking:
       filter:
-        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        # spec.security.networking.filter.egress.enabled is required
         egress:
           enabled: false
-        # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+        # spec.security.networking.filter.ingress.enabled is optional (default=false), not implemented in the first KIM release
         ingress:
           enabled: true
-    # spec.security.administrators is provided by the KEB, required
+    # spec.security.administrators is required
     administrators:
       - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index e503843b..ffd75ea8 100644
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -16,13 +16,17 @@ metadata:
   namespace: kcp-system
 spec:
   shoot:
-    # spec.shoot.name is set by the KEB, required
+    # spec.shoot.name is set required
     name: shoot-name
-    # spec.shoot.purpose is set by the KEB, required
+    # spec.shoot.purpose is required
     purpose: evaluation
+    # spec.shoot.region is required
+    region: eu-central-1
+    # spec.shoot.secretBindingName is required
+    secretBindingName: "hyperscaler secret"
     kubernetes:
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -32,42 +36,39 @@ spec:
           usernameClaim: sub
     provider:
       type: aws
-      region: eu-central-1
-      # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hyperscaler secret"
-    # spec.shoot.Networking is Provided by the KEB, required
+    # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
       nodes: 10.250.0.0/22
       services: 10.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, required
+    # spec.shoot.controlPlane is required
     controlPlane:
       highAvailability:
         failureTolerance:
           type: node
     workers:
       - machine:
-          # spec.shoot.workers.machine.type provided by the KEB, required
+          # spec.shoot.workers.machine.type is required
           type: mx5.large
-        # spec.shoot.workers.zones is provided by the KEB, required
+        # spec.shoot.workers.zones is required
         zones:
           - eu-central-1a
-        # spec.shoot.workers.minimum is provided by the KEB, required
+        # spec.shoot.workers.minimum is required
         minimum: 1
-        # spec.shoot.workers.maximum is provided by the KEB, required
+        # spec.shoot.workers.maximum is required
         maximum: 1
-        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxSurge is required in the first release.
         # It can be optional in the future, as it equals to zone count
         maxSurge: 1
-        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxUnavailable is required in the first release.
         # It can be optional in the future, as it is always set to 0
         maxUnavailable:  0
   security:
     networking:
       filter:
-        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        # spec.security.networking.filter.egress.enabled is required
         egress:
           enabled: false
-    # spec.security.administrators is provided by the KEB, required
+    # spec.security.administrators is required
     administrators:
       - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index 1b405683..f214560e 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -16,13 +16,17 @@ metadata:
   namespace: kcp-system
 spec:
   shoot:
-    # spec.shoot.name is set by the KEB, required
+    # spec.shoot.name is required
     name: shoot-name
-    # spec.shoot.purpose is set by the KEB, required
+    # spec.shoot.purpose is required
     purpose: production
+    # spec.shoot.region is required
+    region: eastus
+    # spec.shoot.secretBindingName is required
+    secretBindingName: "hyperscaler secret"
     kubernetes:
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -30,57 +34,54 @@ spec:
           signingAlgs:
           - RS256
         usernameClaim: sub
-    ## spec.shoot.provider is provided by the KEB, required
+    # spec.shoot.provider is required
     provider:
       type: aws
-      region: eastus
-      # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hyperscaler secret"
-    # spec.shoot.Networking is Provided by the KEB, required
+    # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
       nodes: 10.250.0.0/22
       services: 10.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    # spec.shoot.controlPlane is optional, default=nil
     controlPlane:
       highAvailability:
         failureTolerance:
           type: node
     workers:
       - machine:
-          # spec.shoot.workers.machine.type provided by the KEB, required
+          # spec.shoot.workers.machine.type is required
           type: Standard_D4s_v5
           # spec.shoot.workers.machine.image is optional, when not provider default will be used
           # Will be modified by the SRE
           image:
             name: gardenlinux
             version: 1312.3.0
-        # spec.shoot.workers.volume is provided by the KEB, required for the first release
+        # spec.shoot.workers.volume is required for the first release
         # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
         volume:
           type: Standard_LRS
           size: 50Gi
-        # spec.shoot.workers.zones is provided by the KEB, required
+        # spec.shoot.workers.zones is required
         zones:
           - eastus1
-        # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+        # spec.shoot.workers.name is optional, if not provided default will be used
         name: cpu-worker-0
-        # spec.shoot.workers.minimum is provided by the KEB, required
+        # spec.shoot.workers.minimum is required
         minimum: 2
-        # spec.shoot.workers.maximum is provided by the KEB, required
+        # spec.shoot.workers.maximum is required
         maximum: 10
-        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxSurge is required in the first release.
         # It can be optional in the future, as it equals to zone count
         maxSurge: 1
-        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxUnavailable is required in the first release.
         # It can be optional in the future, as it is always set to 0
         maxUnavailable:  0
   security:
     networking:
       filter:
-        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        # spec.security.networking.filter.egress.enabled is required
         egress:
           enabled: false
-    # spec.security.administrators is provided by the KEB, required
+    # spec.security.administrators is required
     administrators:
       - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index efe49305..383dff61 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -16,15 +16,19 @@ metadata:
   namespace: kcp-system
 spec:
   shoot:
-    # spec.shoot.name is set by the KEB, required
+    # spec.shoot.name is required
     name: shoot-name
-    # spec.shoot.purpose is set by the KEB, required
+    # spec.shoot.purpose is required
     purpose: production
+    # spec.shoot.region is required
+    region: eastus
+    # spec.shoot.secretBindingName is required
+    secretBindingName: "hyperscaler secret"
     kubernetes:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
       version: "1.28.7"
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -32,7 +36,7 @@ spec:
           signingAlgs:
             - RS256
           usernameClaim: sub
-        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
         additionalOidcConfig:
           - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
             groupsClaim: groups
@@ -41,62 +45,59 @@ spec:
               - RS256
             usernameClaim: sub
             usernamePrefix: 'someother'
-    ## spec.shoot.provider is provided by the KEB, required
+    ## spec.shoot.provider is required
     provider:
       type: aws
-      region: eastus
-      # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hyperscaler secret"
-    # spec.shoot.Networking is Provided by the KEB, required
+    # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
       nodes: 10.250.0.0/22
       services: 10.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, required
+    # spec.shoot.controlPlane is required
     controlPlane:
       highAvailability:
         failureTolerance:
           type: zone
     workers:
       - machine:
-          # spec.shoot.workers.machine.type provided by the KEB, required
+          # spec.shoot.workers.machine.type provided is required
           type: Standard_D2s_v5
           # spec.shoot.workers.machine.image is optional, when not provider default will be used
           # Will be modified by the SRE
           image:
             name: gardenlinux
             version: 1312.3.0
-        # spec.shoot.workers.volume is provided by the KEB, required for the first release
+        # spec.shoot.workers.volume is required for the first release
         # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
         volume:
           type: Standard_LRS
           size: 50Gi
-        # spec.shoot.workers.zones is provided by the KEB, required
+        # spec.shoot.workers.zones is required
         zones:
           - eastus1
           - eastus2
           - eastus3
-        # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+        # spec.shoot.workers.name is optional, if not provided default will be used
         name: cpu-worker-0
-        # spec.shoot.workers.minimum is provided by the KEB, required
+        # spec.shoot.workers.minimum is required
         minimum: 3
-        # spec.shoot.workers.maximum is provided by the KEB, required
+        # spec.shoot.workers.maximum is required
         maximum: 20
-        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxSurge is required in the first release.
         # It can be optional in the future, as it equals to zone count
         maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxUnavailable is required in the first release.
         # It can be optional in the future, as it is always set to 0
         maxUnavailable:  0
   security:
     networking:
       filter:
-        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        # spec.security.networking.filter.egress.enabled is required
         egress:
           enabled: false
-        # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+        # spec.security.networking.filter.ingress.enabled is optional (default=false)
         ingress:
           enabled: true
-    # spec.security.administrators is provided by the KEB, required
+    # spec.security.administrators is required
     administrators:
       - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 175e57d0..6f3b5a38 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -16,15 +16,19 @@ metadata:
   namespace: kcp-system
 spec:
   shoot:
-    # spec.shoot.name is set by the KEB, required
+    # spec.shoot.name is required
     name: shoot-name
-    # spec.shoot.purpose is set by the KEB, required
+    # spec.shoot.purpose is required
     purpose: production
+    # spec.shoot.region is required
+    region: europe-west3
+    # spec.shoot.secretBindingName is required
+    secretBindingName: "hyperscaler secret"
     kubernetes:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
       version: "1.28.7"
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -32,7 +36,7 @@ spec:
           signingAlgs:
             - RS256
           usernameClaim: sub
-        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
         additionalOidcConfig:
           - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
             groupsClaim: groups
@@ -41,62 +45,59 @@ spec:
               - RS256
             usernameClaim: sub
             usernamePrefix: 'someother'
-    ## spec.shoot.provider is provided by the KEB, required
+    ## spec.shoot.provider is required
     provider:
       type: aws
-      region: europe-west3
-      # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hyperscaler secret"
-    # spec.shoot.Networking is Provided by the KEB, required
+    # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
       nodes: 10.250.0.0/22
       services: 10.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, optional, default=nil
+    # spec.shoot.controlPlane is optional, default=nil
     controlPlane:
       highAvailability:
         failureTolerance:
           type: zone
     workers:
       - machine:
-          # spec.shoot.workers.machine.type provided by the KEB, required
+          # spec.shoot.workers.machine.type is required
           type: n2-standard-2
           # spec.shoot.workers.machine.image is optional, when not provider default will be used
           # Will be modified by the SRE
           image:
             name: gardenlinux
             version: 1312.3.0
-        # spec.shoot.workers.volume is provided by the KEB, required for the first release
+        # spec.shoot.workers.volume is required for the first release
         # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
         volume:
           type: pd-standard
           size: 50Gi
-        # spec.shoot.workers.zones is provided by the KEB, required
+        # spec.shoot.workers.zones is required
         zones:
           - europe-west3a
           - europe-west3b
           - europe-west3c
-        # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+        # spec.shoot.workers.name is optional, if not provided default will be used
         name: cpu-worker-0
-        # spec.shoot.workers.minimum is provided by the KEB, required
+        # spec.shoot.workers.minimum is required
         minimum: 3
-        # spec.shoot.workers.maximum is provided by the KEB, required
+        # spec.shoot.workers.maximum is required
         maximum: 20
-        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxSurge is required in the first release.
         # It can be optional in the future, as it equals to zone count
         maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxUnavailable is required in the first release.
         # It can be optional in the future, as it is always set to 0
         maxUnavailable:  0
   security:
     networking:
       filter:
-        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        # spec.security.networking.filter.egress.enabled is required
         egress:
           enabled: false
-        # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+        # spec.security.networking.filter.ingress.enabled is optional (default=false)
         ingress:
           enabled: true
-    # spec.security.administrators is provided by the KEB, required
+    # spec.security.administrators is required
     administrators:
       - admin@myorg.com
\ No newline at end of file
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index bfa45b4b..74ccaab5 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -16,15 +16,19 @@ metadata:
   namespace: kcp-system
 spec:
   shoot:
-    # spec.shoot.name is set by the KEB, required
+    # spec.shoot.name is required
     name: shoot-name
-    # spec.shoot.purpose is set by the KEB, required
+    # spec.shoot.purpose is required
     purpose: production
+    # spec.shoot.region is required
+    region: eu-de-1
+    # spec.shoot.secretBindingName is required
+    secretBindingName: "hyperscaler secret"
     kubernetes:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
       version: "1.28.7"
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -32,7 +36,7 @@ spec:
           signingAlgs:
             - RS256
           usernameClaim: sub
-        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
         additionalOidcConfig:
           - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
             groupsClaim: groups
@@ -41,25 +45,22 @@ spec:
               - RS256
             usernameClaim: sub
             usernamePrefix: 'someother'
-    ## spec.shoot.provider is provided by the KEB, required
+    ## spec.shoot.provider is required
     provider:
       type: openstack
-      region: eu-de-1
-      # We must consider whether it makes sense to move HAP into KIM
-      secretBindingName: "hyperscaler secret"
-    # spec.shoot.Networking is Provided by the KEB, required
+    # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
       nodes: 10.250.0.0/22
       services: 10.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, required
+    # spec.shoot.controlPlane is required
     controlPlane:
       highAvailability:
         failureTolerance:
           type: zone
     workers:
       - machine:
-          # spec.shoot.workers.machine.type provided by the KEB, required
+          # spec.shoot.workers.machine.type is required
           type: g_c2_m8
           # spec.shoot.workers.machine.image is optional, when not provider default will be used
           # Will be modified by the SRE
@@ -72,27 +73,27 @@ spec:
           - eu-de-1a
           - eu-de-1b
           - eu-de-1d
-        # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+        # spec.shoot.workers.name is optional, if not provided default will be used
         name: cpu-worker-0
-        # spec.shoot.workers.minimum is provided by the KEB, required
+        # spec.shoot.workers.minimum is required
         minimum: 3
-        # spec.shoot.workers.maximum is provided by the KEB, required
+        # spec.shoot.workers.maximum is required
         maximum: 20
-        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxSurge is required in the first release.
         # It can be optional in the future, as it equals to zone count
         maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxUnavailable is required in the first release.
         # It can be optional in the future, as it is always set to 0
         maxUnavailable:  0
   security:
     networking:
       filter:
-        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        # spec.security.networking.filter.egress.enabled is required
         egress:
           enabled: false
-        # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+        # spec.security.networking.filter.ingress.enabled is optional (default=false)
         ingress:
           enabled: true
-    # spec.security.administrators is provided by the KEB, required
+    # spec.security.administrators is required
     administrators:
       - admin@myorg.com
diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index 38fb3649..f570603e 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -73,13 +73,17 @@ metadata:
   namespace: kcp-system
 spec:
   shoot:
-    # spec.shoot.name is set by the KEB, required
+    # spec.shoot.name is required
     name: shoot-name
-    # spec.shoot.purpose is set by the KEB, required
+    # spec.shoot.purpose is required
     purpose: production
+    # spec.shoot.region is required
+    region: eu-central-1
+    # spec.shoot.secretBindingName is required
+    secretBindingName: "hyperscaler secret"
     kubernetes:
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -87,47 +91,44 @@ spec:
           signingAlgs:
             - RS256
           usernameClaim: sub
-    # spec.shoot.provider is provided by the KEB, required
     provider:
       type: aws
-      region: eu-central-1
-      secretBindingName: "hyperscaler secret"
-    # spec.shoot.Networking is Provided by the KEB, required
+    # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
       nodes: 10.250.0.0/16
       services: 100.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, required
+    # spec.shoot.controlPlane is required
     controlPlane:
       highAvailability:
         failureTolerance:
           type: node
     workers:
       - machine:
-          # spec.shoot.workers.machine.type provided by the KEB, required
+          # spec.shoot.workers.machine.type is required
           type: m6i.large
-        # spec.shoot.workers.zones is provided by the KEB, required
+        # spec.shoot.workers.zones is required
         zones:
           - eu-central-1a
           - eu-central-1b
           - eu-central-1c
-        # spec.shoot.workers.minimum is provided by the KEB, required
+        # spec.shoot.workers.minimum is required
         minimum: 3
-        # spec.shoot.workers.maximum is provided by the KEB, required
+        # spec.shoot.workers.maximum is required
         maximum: 20
-        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxSurge is required in the first release.
         # It can be optional in the future, as it equals to zone count
         maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxUnavailable is required in the first release.
         # It can be optional in the future, as it is always set to 0
         maxUnavailable:  0
   security:
     networking:
       filter:
-        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        # spec.security.networking is required
         egress:
           enabled: false
-    # spec.security.administrators is provided by the KEB, required
+    # spec.security.administrators is required
     administrators:
       - admin@myorg.com
 ```
@@ -148,16 +149,20 @@ metadata:
   namespace: kcp-system
 spec:
   shoot:
-    # spec.shoot.name is set by the KEB, required
+    # spec.shoot.name is required
     name: shoot-name
-    # spec.shoot.purpose is set by the KEB, required
+    # spec.shoot.purpose is required
     purpose: production
-    # Will be modified by the SRE
+    # spec.shoot.region is required
+    region: eu-central-1
+    # spec.shoot.secretBindingName is required
+    secretBindingName: "hyperscaler secret"
     kubernetes:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
+      # Will be modified by the SRE
       version: "1.28.7"
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is provided by the KEB, required
+        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -165,7 +170,7 @@ spec:
           signingAlgs:
           - RS256
           usernameClaim: sub
-        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is provided by the KEB, optional, not implemented in the first KIM release
+        # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
         additionalOidcConfig:
           - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
             groupsClaim: groups
@@ -174,62 +179,60 @@ spec:
               - RS256
             usernameClaim: sub
             usernamePrefix: 'someother'
-    # spec.shoot.provider is provided by the KEB, required
+    ## spec.shoot.provider is required
     provider:
       type: aws
-      region: eu-central-1
-      secretBindingName: "hyperscaler secret"
-    # spec.shoot.Networking is Provided by the KEB, required
+    # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
       nodes: 10.250.0.0/16
       services: 100.104.0.0/13
-    # spec.shoot.controlPlane is provided by the KEB, required
+    # spec.shoot.controlPlane is required
     controlPlane:
       highAvailability:
         failureTolerance:
-          type: node
+          type: zone
     workers:
       - machine:
-          # spec.shoot.workers.machine.type provided by the KEB, required
+          # spec.shoot.workers.machine.type is required
           type: m6i.large
           # spec.shoot.workers.machine.image is optional, when not provider default will be used
           # Will be modified by the SRE
           image:
             name: gardenlinux
             version: 1312.3.0
-        # spec.shoot.workers.volume is provided by the KEB, required for the first release
+        # spec.shoot.workers.volume is required for the first release
         # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
         volume:
           type: gp2
           size: 50Gi
-        # spec.shoot.workers.zones is provided by the KEB, required
+        # spec.shoot.workers.zones is required
         zones:
           - eu-central-1a
           - eu-central-1b
           - eu-central-1c
-        # spec.shoot.workers.name is provided by the KEB. Optional, if not provided default will be used
+        # spec.shoot.workers.name is optional, if not provided default will be used
         name: cpu-worker-0
-        # spec.shoot.workers.minimum is provided by the KEB, required
+        # spec.shoot.workers.minimum is required
         minimum: 3
-        # spec.shoot.workers.maximum is provided by the KEB, required
+        # spec.shoot.workers.maximum is required
         maximum: 20
-        # spec.shoot.workers.maxSurge is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxSurge is required in the first release.
         # It can be optional in the future, as it equals to zone count
         maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is provided by the KEB, required in the first release.
+        # spec.shoot.workers.maxUnavailable is required in the first release.
         # It can be optional in the future, as it is always set to 0
         maxUnavailable:  0
   security:
     networking:
       filter:
-        # spec.security.networking.filter.egress.enabled is provided by the KEB, required
+        # spec.security.networking.filter.egress.enabled is required
         egress:
           enabled: false
-        # spec.security.networking.filter.ingress.enabled will be provided by the KEB, optional (default=false)
+        # spec.security.networking.filter.ingress.enabled is optional (default=false), not implemented in the first KIM release
         ingress:
           enabled: true
-    # spec.security.administrators is provided by the KEB, required
+    # spec.security.administrators is required
     administrators:
       - admin@myorg.com
 ```
@@ -250,6 +253,7 @@ package v1
 import (
 	gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
 )
 
 type Runtime struct {
@@ -266,18 +270,20 @@ type RuntimeSpec struct {
 }
 
 type Shoot struct {
-	Name       string             `json:"name"`
-	Purpose    string             `json:"purpose"`
-	Kubernetes Kubernetes         `json:"kubernetes"`
-	Provider   Provider           `json:"provider"`
-	Networking Networking         `json:"networking"`
-	Workers    *[]gardener.Worker `json:"workers,omitempty"`
+	Name              string             `json:"name"`
+	Purpose           string             `json:"purpose"`
+	Region            string             `json:"region"`
+	SecretBindingName string             `json:"secretBindingName"`
+	Kubernetes        Kubernetes         `json:"kubernetes"`
+	Provider          Provider           `json:"provider"`
+	Networking        Networking         `json:"networking"`
+	Workers           *[]gardener.Worker `json:"workers,omitempty"`
 }
 
 type Provider struct {
-	Type              string `json:"type"`
-	Region            string `json:"region"`
-	SecretBindingName string `json:"secretBindingName"`
+	Type                 string                `json:"type"`
+	ControlPlaneConfig   *runtime.RawExtension `json:"controlPlaneConfig,omitempty"`
+	InfrastructureConfig *runtime.RawExtension `json:"infrastructureConfig,omitempty"`
 }
 
 type Networking struct {

From af9a219ce00fa515d95033f099469bc5e317a53e Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 10 May 2024 08:34:59 +0200
Subject: [PATCH 33/49] Added Provider Specific Config to the examples

---
 .../assets/runtime-examples/aws-freemium.yaml | 18 ++++++++++++-
 .../assets/runtime-examples/aws-minimal.yaml  | 24 +++++++++++++++++
 .../assets/runtime-examples/aws-trial.yaml    | 18 ++++++++++++-
 docs/adr/assets/runtime-examples/aws.yaml     | 26 ++++++++++++++++++-
 .../runtime-examples/azure-fremium.yaml       | 19 +++++++++++++-
 .../assets/runtime-examples/azure-lite.yaml   | 19 +++++++++++++-
 docs/adr/assets/runtime-examples/azure.yaml   | 26 +++++++++++++++++--
 docs/adr/assets/runtime-examples/gcp.yaml     | 14 +++++++++-
 .../runtime-examples/sap-converged-cloud.yaml | 12 +++++++++
 9 files changed, 168 insertions(+), 8 deletions(-)

diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index 70067d62..2dfa5323 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -36,6 +36,22 @@ spec:
           usernameClaim: sub
     provider:
       type: aws
+      # spec.shoot.provider.controlPlaneConfig is required
+      controlPlaneConfig:
+        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
+        kind: ControlPlaneConfig
+      # spec.shoot.provider.infrastructureConfig is required
+      infrastructureConfig:
+        kind: InfrastructureConfig
+        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
+        networks:
+          vpc:
+            cidr: 10.250.0.0/22
+          zones:
+            - name: eu-central-1b
+              internal: 10.250.0.192/26
+              public: 10.250.0.128/26
+              workers: 10.250.0.0/25
     # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
@@ -62,7 +78,7 @@ spec:
           size: 50Gi
         # spec.shoot.workers.zones is required
         zones:
-          - eu-central-1a
+          - eu-central-1b
         # spec.shoot.workers.name is optional, if not provided default will be used
         name: cpu-worker-0
         # spec.shoot.workers.minimum is required
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index 6c4bf1f0..fd3f09e6 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -36,6 +36,30 @@ spec:
           usernameClaim: sub
     provider:
       type: aws
+      # spec.shoot.provider.controlPlaneConfig is required
+      controlPlaneConfig:
+        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
+        kind: ControlPlaneConfig
+      # spec.shoot.provider.infrastructureConfig is required
+      infrastructureConfig:
+        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
+        kind: InfrastructureConfig
+        networks:
+          vpc:
+            cidr: 10.250.0.0/16
+          zones:
+            - internal: 10.250.48.0/20
+              name: eu-central-1c
+              public: 10.250.32.0/20
+              workers: 10.250.0.0/19
+            - internal: 10.250.112.0/20
+              name: eu-central-1b
+              public: 10.250.96.0/20
+              workers: 10.250.64.0/19
+            - internal: 10.250.176.0/20
+              name: eu-central-1a
+              public: 10.250.160.0/20
+              workers: 10.250.128.0/19
     # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index 1f4517d1..636bd871 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -36,6 +36,22 @@ spec:
           usernameClaim: sub
     provider:
       type: aws
+      # spec.shoot.provider.controlPlaneConfig is required
+      controlPlaneConfig:
+        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
+        kind: ControlPlaneConfig
+      # spec.shoot.provider.infrastructureConfig is required
+      infrastructureConfig:
+        kind: InfrastructureConfig
+        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
+        networks:
+          vpc:
+            cidr: 10.250.0.0/22
+          zones:
+            - name: eu-central-1b
+              internal: 10.250.0.192/26
+              public: 10.250.0.128/26
+              workers: 10.250.0.0/25
     # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
@@ -52,7 +68,7 @@ spec:
           type: mx5.large
         # spec.shoot.workers.zones is required
         zones:
-          - eu-central-1a
+          - eu-central-1b
         # spec.shoot.workers.minimum is required
         minimum: 1
         # spec.shoot.workers.maximum is required
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index bf75089d..8fb3fe78 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -46,9 +46,33 @@ spec:
               - RS256
             usernameClaim: sub
             usernamePrefix: 'someother'
-    ## spec.shoot.provider is required
     provider:
+      ## spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.controlPlaneConfig is required
+      controlPlaneConfig:
+        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
+        kind: ControlPlaneConfig
+      # spec.shoot.provider.infrastructureConfig is required
+      infrastructureConfig:
+        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
+        kind: InfrastructureConfig
+        networks:
+          vpc:
+            cidr: 10.250.0.0/16
+          zones:
+            - internal: 10.250.48.0/20
+              name: eu-central-1c
+              public: 10.250.32.0/20
+              workers: 10.250.0.0/19
+            - internal: 10.250.112.0/20
+              name: eu-central-1b
+              public: 10.250.96.0/20
+              workers: 10.250.64.0/19
+            - internal: 10.250.176.0/20
+              name: eu-central-1a
+              public: 10.250.160.0/20
+              workers: 10.250.128.0/19
     # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index ffd75ea8..d61da7b0 100644
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -35,7 +35,24 @@ spec:
             - RS256
           usernameClaim: sub
     provider:
-      type: aws
+      type: azure
+      # spec.shoot.controlPlaneConfig is required
+      controlPlaneConfig:
+        apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
+        kind: ControlPlaneConfig
+      # spec.shoot.provider.infrastructureConfig is required
+      infrastructureConfig:
+        apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
+        kind: InfrastructureConfig
+        networks:
+          vnet:
+            cidr: 10.250.0.0/19
+          zones:
+            - cidr: 10.250.0.0/24
+              name: 1
+              natGateway:
+                enabled: true
+                idleConnectionTimeoutMinutes: 4
     # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index f214560e..a2fbcc4d 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -36,7 +36,24 @@ spec:
         usernameClaim: sub
     # spec.shoot.provider is required
     provider:
-      type: aws
+      type: azure
+      # spec.shoot.controlPlaneConfig is required
+      controlPlaneConfig:
+        apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
+        kind: ControlPlaneConfig
+      # spec.shoot.provider.infrastructureConfig is required
+      infrastructureConfig:
+        apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
+        kind: InfrastructureConfig
+        networks:
+          vnet:
+            cidr: 10.250.0.0/19
+          zones:
+            - cidr: 10.250.0.0/24
+              name: 1
+              natGateway:
+                enabled: true
+                idleConnectionTimeoutMinutes: 4
     # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index 383dff61..7496755e 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -45,9 +45,31 @@ spec:
               - RS256
             usernameClaim: sub
             usernamePrefix: 'someother'
-    ## spec.shoot.provider is required
+    # spec.shoot.provider is required
     provider:
-      type: aws
+      type: azure
+      # spec.shoot.provider.controlPlaneConfig is required
+      controlPlaneConfig:
+        apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
+        kind: ControlPlaneConfig
+      # spec.shoot.provider.infrastructureConfig is required
+      infrastructureConfig:
+        apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
+        kind: InfrastructureConfig
+        networks:
+          vnet:
+            cidr: 10.250.0.0/19
+          zones:
+            - cidr: 10.250.0.0/24
+              name: 1
+              natGateway:
+                enabled: true
+                idleConnectionTimeoutMinutes: 4
+            - cidr: 10.250.1.0/24
+              name: 2
+              natGateway:
+                enabled: true
+                idleConnectionTimeoutMinutes: 4
     # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 6f3b5a38..e7ca9076 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -47,7 +47,19 @@ spec:
             usernamePrefix: 'someother'
     ## spec.shoot.provider is required
     provider:
-      type: aws
+      type: gcp
+      # spec.shoot.controlPlaneConfig is required
+      controlPlaneConfig:
+        apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1
+        kind: ControlPlaneConfig
+        zone: us-central1-b
+      # spec.shoot.infrastructureConfig is required
+      infrastructureConfig:
+        apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1
+        kind: InfrastructureConfig
+        networks:
+          worker: 10.250.0.0/22
+          workers: 10.250.0.0/22
     # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index 74ccaab5..1ad714fa 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -48,6 +48,18 @@ spec:
     ## spec.shoot.provider is required
     provider:
       type: openstack
+      # spec.shoot.provider.controlPlaneConfig is required
+      controlPlaneConfig:
+        apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1
+        kind: ControlPlaneConfig
+        loadBalancerProvider: f5
+      # spec.shoot.provider.infrastructureConfig is required
+      infrastructureConfig:
+        apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1
+        floatingPoolName: FloatingIP-external-kyma-01
+        kind: InfrastructureConfig
+        networks:
+          workers: 10.180.0.0/16
     # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13

From b379f6355ece741c6b43c989441394aa56674e1c Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 10 May 2024 08:56:07 +0200
Subject: [PATCH 34/49] Licence type added

---
 docs/adr/assets/runtime-examples/aws-trial.yaml  | 2 ++
 docs/adr/assets/runtime-examples/azure-lite.yaml | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index 636bd871..35db3cd1 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -20,6 +20,8 @@ spec:
     name: shoot-name
     # spec.shoot.purpose is required
     purpose: evaluation
+    # spec.shoot.licenceType is optional, default=nil
+    licenceType: "TestDevelopmentAndDemo"
     # spec.shoot.region is required
     region: eu-central-1
     # spec.shoot.secretBindingName is required
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index a2fbcc4d..f44d90cb 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -22,6 +22,8 @@ spec:
     purpose: production
     # spec.shoot.region is required
     region: eastus
+    # spec.shoot.licenceType is optional, default=nil
+    licenceType: "TestDevelopmentAndDemo"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:

From a3267a8a0201a6a3beebfcdbfecdf83650a36f56 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 10 May 2024 09:35:08 +0200
Subject: [PATCH 35/49] Optional seedName added

---
 .../assets/runtime-examples/aws-freemium.yaml |  1 +
 .../assets/runtime-examples/aws-minimal.yaml  |  3 +-
 .../assets/runtime-examples/aws-trial.yaml    |  3 +-
 docs/adr/assets/runtime-examples/aws.yaml     |  6 +-
 .../runtime-examples/azure-fremium.yaml       |  3 +-
 .../assets/runtime-examples/azure-lite.yaml   |  3 +-
 docs/adr/assets/runtime-examples/azure.yaml   |  7 ++-
 docs/adr/assets/runtime-examples/gcp.yaml     |  9 ++-
 .../runtime-examples/sap-converged-cloud.yaml |  9 ++-
 docs/adr/provisioning.md                      | 62 ++++++++++++++++++-
 10 files changed, 89 insertions(+), 17 deletions(-)

diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index 2dfa5323..a4e0e00f 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -35,6 +35,7 @@ spec:
             - RS256
           usernameClaim: sub
     provider:
+      # spec.shoot.provider.type is required
       type: aws
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index fd3f09e6..a2a67ccd 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -26,7 +26,7 @@ spec:
     secretBindingName: "hyperscaler secret"
     kubernetes:
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
+        # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -35,6 +35,7 @@ spec:
             - RS256
           usernameClaim: sub
     provider:
+      # spec.shoot.provider.type is required
       type: aws
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index 35db3cd1..b1067f8d 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -28,7 +28,7 @@ spec:
     secretBindingName: "hyperscaler secret"
     kubernetes:
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
+        # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -37,6 +37,7 @@ spec:
             - RS256
           usernameClaim: sub
     provider:
+      # spec.shoot.provider.type is required
       type: aws
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index 8fb3fe78..c6e420e6 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -20,6 +20,8 @@ spec:
     name: shoot-name
     # spec.shoot.purpose is required
     purpose: production
+    # spec.shoot.seedName is optional, default=nil
+    seedName: aws-ha-eu1
     # spec.shoot.region is required
     region: eu-central-1
     # spec.shoot.secretBindingName is required
@@ -29,7 +31,7 @@ spec:
       # Will be modified by the SRE
       version: "1.28.7"
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
+        # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -47,7 +49,7 @@ spec:
             usernameClaim: sub
             usernamePrefix: 'someother'
     provider:
-      ## spec.shoot.provider.type is required
+      # spec.shoot.provider.type is required
       type: aws
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index d61da7b0..2b0cda29 100644
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -26,7 +26,7 @@ spec:
     secretBindingName: "hyperscaler secret"
     kubernetes:
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
+        # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -35,6 +35,7 @@ spec:
             - RS256
           usernameClaim: sub
     provider:
+      # spec.shoot.provider.type is required
       type: azure
       # spec.shoot.controlPlaneConfig is required
       controlPlaneConfig:
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index f44d90cb..7535f5b9 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -28,7 +28,7 @@ spec:
     secretBindingName: "hyperscaler secret"
     kubernetes:
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
+        # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -38,6 +38,7 @@ spec:
         usernameClaim: sub
     # spec.shoot.provider is required
     provider:
+      # spec.shoot.provider.type is required
       type: azure
       # spec.shoot.controlPlaneConfig is required
       controlPlaneConfig:
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index 7496755e..ab09fa7b 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -20,6 +20,8 @@ spec:
     name: shoot-name
     # spec.shoot.purpose is required
     purpose: production
+    # spec.shoot.seedName is optional, default=nil
+    seedName: az-ha-us2
     # spec.shoot.region is required
     region: eastus
     # spec.shoot.secretBindingName is required
@@ -28,7 +30,7 @@ spec:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
       version: "1.28.7"
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
+        # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -36,7 +38,7 @@ spec:
           signingAlgs:
             - RS256
           usernameClaim: sub
-        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
+        # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
         additionalOidcConfig:
           - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
             groupsClaim: groups
@@ -47,6 +49,7 @@ spec:
             usernamePrefix: 'someother'
     # spec.shoot.provider is required
     provider:
+      # spec.shoot.provider.type is required
       type: azure
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index e7ca9076..de49dfbb 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -20,6 +20,8 @@ spec:
     name: shoot-name
     # spec.shoot.purpose is required
     purpose: production
+    # spec.shoot.seedName is optional, default=nil
+    seedName: gcp-ha-us1
     # spec.shoot.region is required
     region: europe-west3
     # spec.shoot.secretBindingName is required
@@ -28,7 +30,7 @@ spec:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
       version: "1.28.7"
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
+        # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -36,7 +38,7 @@ spec:
           signingAlgs:
             - RS256
           usernameClaim: sub
-        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
+        # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
         additionalOidcConfig:
           - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
             groupsClaim: groups
@@ -45,8 +47,9 @@ spec:
               - RS256
             usernameClaim: sub
             usernamePrefix: 'someother'
-    ## spec.shoot.provider is required
+    # spec.shoot.provider is required
     provider:
+      # spec.shoot.provider.type is required
       type: gcp
       # spec.shoot.controlPlaneConfig is required
       controlPlaneConfig:
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index 1ad714fa..9dcbadd7 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -20,6 +20,8 @@ spec:
     name: shoot-name
     # spec.shoot.purpose is required
     purpose: production
+    # spec.shoot.region is optional, default=nil
+    seedName: cc-ha-eu1
     # spec.shoot.region is required
     region: eu-de-1
     # spec.shoot.secretBindingName is required
@@ -28,7 +30,7 @@ spec:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
       version: "1.28.7"
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
+        # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -36,7 +38,7 @@ spec:
           signingAlgs:
             - RS256
           usernameClaim: sub
-        ## spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
+        # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
         additionalOidcConfig:
           - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
             groupsClaim: groups
@@ -45,8 +47,9 @@ spec:
               - RS256
             usernameClaim: sub
             usernamePrefix: 'someother'
-    ## spec.shoot.provider is required
+    # spec.shoot.provider is required
     provider:
+      # spec.shoot.provider.type is required
       type: openstack
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index f570603e..55b4ed07 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -21,6 +21,7 @@ Kyma Environment Broker has the following responsibilities:
 - Create Runtime CR containing the following data:
     - Provider config (type, region, and secret with credentials for hyperscaler)
     - Worker pool specification
+    - Provider specific config
     - Cluster networking settings (nodes, pods, and services API ranges)
     - OIDC settings
     - Cluster administrators list
@@ -92,7 +93,32 @@ spec:
             - RS256
           usernameClaim: sub
     provider:
+      ## spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.controlPlaneConfig is required
+      controlPlaneConfig:
+        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
+        kind: ControlPlaneConfig
+      # spec.shoot.provider.infrastructureConfig is required
+      infrastructureConfig:
+        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
+        kind: InfrastructureConfig
+        networks:
+          vpc:
+            cidr: 10.250.0.0/16
+          zones:
+            - internal: 10.250.48.0/20
+              name: eu-central-1c
+              public: 10.250.32.0/20
+              workers: 10.250.0.0/19
+            - internal: 10.250.112.0/20
+              name: eu-central-1b
+              public: 10.250.96.0/20
+              workers: 10.250.64.0/19
+            - internal: 10.250.176.0/20
+              name: eu-central-1a
+              public: 10.250.160.0/20
+              workers: 10.250.128.0/19
     # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
@@ -153,6 +179,8 @@ spec:
     name: shoot-name
     # spec.shoot.purpose is required
     purpose: production
+    # spec.shoot.seedName is optional, default=nil
+    seedName: aws-ha-eu1
     # spec.shoot.region is required
     region: eu-central-1
     # spec.shoot.secretBindingName is required
@@ -168,7 +196,7 @@ spec:
           groupsClaim: groups
           issuerURL: https://my.cool.tokens.com
           signingAlgs:
-          - RS256
+            - RS256
           usernameClaim: sub
         # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
         additionalOidcConfig:
@@ -179,9 +207,33 @@ spec:
               - RS256
             usernameClaim: sub
             usernamePrefix: 'someother'
-    ## spec.shoot.provider is required
     provider:
+      ## spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.controlPlaneConfig is required
+      controlPlaneConfig:
+        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
+        kind: ControlPlaneConfig
+      # spec.shoot.provider.infrastructureConfig is required
+      infrastructureConfig:
+        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
+        kind: InfrastructureConfig
+        networks:
+          vpc:
+            cidr: 10.250.0.0/16
+          zones:
+            - internal: 10.250.48.0/20
+              name: eu-central-1c
+              public: 10.250.32.0/20
+              workers: 10.250.0.0/19
+            - internal: 10.250.112.0/20
+              name: eu-central-1b
+              public: 10.250.96.0/20
+              workers: 10.250.64.0/19
+            - internal: 10.250.176.0/20
+              name: eu-central-1a
+              public: 10.250.160.0/20
+              workers: 10.250.128.0/19
     # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
@@ -248,7 +300,7 @@ Please see the following examples to understand what CRs must be created for par
 ## API structures
 
 ```go
-package v1
+package v2
 
 import (
 	gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1"
@@ -273,6 +325,8 @@ type Shoot struct {
 	Name              string             `json:"name"`
 	Purpose           string             `json:"purpose"`
 	Region            string             `json:"region"`
+	SeedName          *string            `json:"seedName,omitempty"`
+	LicenceType       *string            `json:"licenceType,omitempty"`
 	SecretBindingName string             `json:"secretBindingName"`
 	Kubernetes        Kubernetes         `json:"kubernetes"`
 	Provider          Provider           `json:"provider"`
@@ -339,4 +393,6 @@ type RuntimeStatus struct {
 	// +listMapKey=type
 	Conditions []metav1.Condition `json:"conditions,omitempty"`
 }
+
+
 ```

From 5e598bdb4893deeb3966ae9a5126b703ced5f992 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 10 May 2024 09:39:36 +0200
Subject: [PATCH 36/49] Adjusted to ADR format

---
 docs/adr/provisioning.md | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index 55b4ed07..2022448f 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -1,7 +1,10 @@
-# Introduction
+# Context
 This document defines the architecture and API for the Gardener cluster provisioning functionality.
 
-# Target architecture
+# Status
+Proposed
+
+# Decision
 
 The following diagram shows the proposed architecture:
 ![](./assets/keb-kim-target-arch.drawio.svg)
@@ -45,9 +48,9 @@ Kyma Environment Broker has the following responsibilities:
  - Apply the audit log configuration on the shoot resource
  - Generate the kubeconfig
 
-# API proposal
+## API proposal
 
-## CR examples
+### CR examples
 
 MInd that the Runtime CR must contain the following labels:
 ```yaml

From c12ce307dc7aef8bc887808ec2c5c41fa58227d6 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 10 May 2024 10:42:40 +0200
Subject: [PATCH 37/49] Added information on the additional fields

---
 docs/adr/provisioning.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/docs/adr/provisioning.md b/docs/adr/provisioning.md
index 2022448f..3f00643f 100644
--- a/docs/adr/provisioning.md
+++ b/docs/adr/provisioning.md
@@ -163,9 +163,11 @@ spec:
 ```
 
 There are some additional optional fields that could be specified:
+- `spec.shoot.seedName` ; if not provided `nil` value will be used
+- `spec.shoot.seedName.licenceType` ; if not provided `nil` value will be used 
 - `spec.shoot.kubernetes.version` ; if not provided, the default value will be read by the KIM from the configuration
-- `spec.shoot.workers.machine.image` ; if not provided, the default value will be read by the KIM from the configuration
 - `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no additional OIDC provider will be configured
+- `spec.shoot.workers.machine.image` ; if not provided, the default value will be read by the KIM from the configuration
 - `spec.shoot.workers.name` ; if not provided, a hardcoded name will be used
 - `spec.security.networking.filtering.ingress.enabled` ; if not provided, the `false` value will be used
 

From 2a54485d8ae411faddddbae0564d8e56fdcc07eb Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 10 May 2024 10:47:05 +0200
Subject: [PATCH 38/49] File renamed

---
 docs/adr/{provisioning.md => 001-provisioning.md} | 0
 docs/adr/README.md                                | 2 +-
 2 files changed, 1 insertion(+), 1 deletion(-)
 rename docs/adr/{provisioning.md => 001-provisioning.md} (100%)

diff --git a/docs/adr/provisioning.md b/docs/adr/001-provisioning.md
similarity index 100%
rename from docs/adr/provisioning.md
rename to docs/adr/001-provisioning.md
diff --git a/docs/adr/README.md b/docs/adr/README.md
index 8e4669d2..0fb75fd6 100644
--- a/docs/adr/README.md
+++ b/docs/adr/README.md
@@ -4,5 +4,5 @@ This folder contains architecture decision records.
 
 # Documents
 
-- [Provisioning functionality](./provisioning.md)
+- [Provisioning functionality](./001-provisioning.md)
 

From 5a52cb38101d7480c14631444f9c1e177c6ab352 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 10 May 2024 10:56:33 +0200
Subject: [PATCH 39/49] Mentioned creating cluster role bindings

---
 docs/adr/001-provisioning.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md
index 3f00643f..0f1d7794 100644
--- a/docs/adr/001-provisioning.md
+++ b/docs/adr/001-provisioning.md
@@ -46,6 +46,7 @@ Kyma Environment Broker has the following responsibilities:
      - providing maintenance settings (Kubernetes, and image autoupdates)
  - Upgrade and delete shoots for the corresponding `Runtime` CRs
  - Apply the audit log configuration on the shoot resource
+ - Create cluster role bindings for administrators
  - Generate the kubeconfig
 
 ## API proposal

From 52234ed773ff0c0477f4dedebd67372f5fb948df Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 10 May 2024 12:27:59 +0200
Subject: [PATCH 40/49] Update docs/adr/001-provisioning.md

Co-authored-by: Benjamin Somhegyi <somhegyi.b@gmail.com>
---
 docs/adr/001-provisioning.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md
index 0f1d7794..327dc21d 100644
--- a/docs/adr/001-provisioning.md
+++ b/docs/adr/001-provisioning.md
@@ -165,7 +165,7 @@ spec:
 
 There are some additional optional fields that could be specified:
 - `spec.shoot.seedName` ; if not provided `nil` value will be used
-- `spec.shoot.seedName.licenceType` ; if not provided `nil` value will be used 
+- `spec.shoot.licenceType` ; if not provided `nil` value will be used 
 - `spec.shoot.kubernetes.version` ; if not provided, the default value will be read by the KIM from the configuration
 - `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no additional OIDC provider will be configured
 - `spec.shoot.workers.machine.image` ; if not provided, the default value will be read by the KIM from the configuration

From aba00807c748920409c77598ea99045e115b4481 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 10 May 2024 12:30:28 +0200
Subject: [PATCH 41/49] Removed seed name

---
 docs/adr/assets/runtime-examples/aws.yaml                 | 2 --
 docs/adr/assets/runtime-examples/azure.yaml               | 2 --
 docs/adr/assets/runtime-examples/gcp.yaml                 | 2 --
 docs/adr/assets/runtime-examples/sap-converged-cloud.yaml | 2 --
 4 files changed, 8 deletions(-)

diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index c6e420e6..1a17b40d 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -20,8 +20,6 @@ spec:
     name: shoot-name
     # spec.shoot.purpose is required
     purpose: production
-    # spec.shoot.seedName is optional, default=nil
-    seedName: aws-ha-eu1
     # spec.shoot.region is required
     region: eu-central-1
     # spec.shoot.secretBindingName is required
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index ab09fa7b..5ecb2d34 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -20,8 +20,6 @@ spec:
     name: shoot-name
     # spec.shoot.purpose is required
     purpose: production
-    # spec.shoot.seedName is optional, default=nil
-    seedName: az-ha-us2
     # spec.shoot.region is required
     region: eastus
     # spec.shoot.secretBindingName is required
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index de49dfbb..684e8550 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -20,8 +20,6 @@ spec:
     name: shoot-name
     # spec.shoot.purpose is required
     purpose: production
-    # spec.shoot.seedName is optional, default=nil
-    seedName: gcp-ha-us1
     # spec.shoot.region is required
     region: europe-west3
     # spec.shoot.secretBindingName is required
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index 9dcbadd7..71c65a76 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -20,8 +20,6 @@ spec:
     name: shoot-name
     # spec.shoot.purpose is required
     purpose: production
-    # spec.shoot.region is optional, default=nil
-    seedName: cc-ha-eu1
     # spec.shoot.region is required
     region: eu-de-1
     # spec.shoot.secretBindingName is required

From 7dc7e90ae767e37cc38f9b18760a00f153c4344e Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 10 May 2024 18:26:43 +0200
Subject: [PATCH 42/49] Fixed hierarchy to have the same as in the shoot

---
 docs/adr/001-provisioning.md                  | 136 ++++++++++--------
 .../assets/runtime-examples/aws-freemium.yaml |  59 ++++----
 .../assets/runtime-examples/aws-minimal.yaml  |  39 ++---
 .../assets/runtime-examples/aws-trial.yaml    |  35 ++---
 docs/adr/assets/runtime-examples/aws.yaml     |  63 ++++----
 .../runtime-examples/azure-fremium.yaml       |  35 ++---
 .../assets/runtime-examples/azure-lite.yaml   |  59 ++++----
 docs/adr/assets/runtime-examples/azure.yaml   |  63 ++++----
 docs/adr/assets/runtime-examples/gcp.yaml     |  63 ++++----
 .../runtime-examples/sap-converged-cloud.yaml |  55 +++----
 10 files changed, 319 insertions(+), 288 deletions(-)

diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md
index 327dc21d..475ad4a3 100644
--- a/docs/adr/001-provisioning.md
+++ b/docs/adr/001-provisioning.md
@@ -74,6 +74,17 @@ The example below shows the CR that must be created by the KEB to provision the
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    kyma-project.io/platform-region: platform-region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
@@ -88,7 +99,7 @@ spec:
     secretBindingName: "hyperscaler secret"
     kubernetes:
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
+        # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
@@ -97,8 +108,28 @@ spec:
             - RS256
           usernameClaim: sub
     provider:
-      ## spec.shoot.provider.type is required
+      # spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.workers is required
+      workers:
+        - machine:
+            # spec.shoot.workers.machine.type is required
+            type: m6i.large
+          # spec.shoot.workers.zones is required
+          zones:
+            - eu-central-1a
+            - eu-central-1b
+            - eu-central-1c
+          # spec.shoot.workers.minimum is required
+          minimum: 3
+          # spec.shoot.workers.maximum is required
+          maximum: 20
+          # spec.shoot.workers.maxSurge is required in the first release.
+          # It can be optional in the future, as it equals to zone count
+          maxSurge: 3
+          # spec.shoot.workers.maxUnavailable is required in the first release.
+          # It can be optional in the future, as it is always set to 0
+          maxUnavailable: 0
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
         apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
@@ -133,25 +164,6 @@ spec:
       highAvailability:
         failureTolerance:
           type: node
-    workers:
-      - machine:
-          # spec.shoot.workers.machine.type is required
-          type: m6i.large
-        # spec.shoot.workers.zones is required
-        zones:
-          - eu-central-1a
-          - eu-central-1b
-          - eu-central-1c
-        # spec.shoot.workers.minimum is required
-        minimum: 3
-        # spec.shoot.workers.maximum is required
-        maximum: 20
-        # spec.shoot.workers.maxSurge is required in the first release.
-        # It can be optional in the future, as it equals to zone count
-        maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is required in the first release.
-        # It can be optional in the future, as it is always set to 0
-        maxUnavailable:  0
   security:
     networking:
       filter:
@@ -177,6 +189,17 @@ The following example shows the Runtime CR that must be created to provision a c
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    kyma-project.io/platform-region: platform-region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
@@ -185,8 +208,6 @@ spec:
     name: shoot-name
     # spec.shoot.purpose is required
     purpose: production
-    # spec.shoot.seedName is optional, default=nil
-    seedName: aws-ha-eu1
     # spec.shoot.region is required
     region: eu-central-1
     # spec.shoot.secretBindingName is required
@@ -196,13 +217,13 @@ spec:
       # Will be modified by the SRE
       version: "1.28.7"
       kubeAPIServer:
-        ## spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
+        # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
           issuerURL: https://my.cool.tokens.com
           signingAlgs:
-            - RS256
+          - RS256
           usernameClaim: sub
         # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
         additionalOidcConfig:
@@ -214,8 +235,40 @@ spec:
             usernameClaim: sub
             usernamePrefix: 'someother'
     provider:
-      ## spec.shoot.provider.type is required
+      # spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.workers is required
+      workers:
+        - machine:
+            # spec.shoot.workers.machine.type is required
+            type: m6i.large
+            # spec.shoot.workers.machine.image is optional, when not provider default will be used
+            # Will be modified by the SRE
+            image:
+              name: gardenlinux
+              version: 1312.3.0
+          # spec.shoot.workers.volume is required for the first release
+          # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+          volume:
+            type: gp2
+            size: 50Gi
+          # spec.shoot.workers.zones is required
+          zones:
+            - eu-central-1a
+            - eu-central-1b
+            - eu-central-1c
+          # spec.shoot.workers.name is optional, if not provided default will be used
+          name: cpu-worker-0
+          # spec.shoot.workers.minimum is required
+          minimum: 3
+          # spec.shoot.workers.maximum is required
+          maximum: 20
+          # spec.shoot.workers.maxSurge is required in the first release.
+          # It can be optional in the future, as it equals to zone count
+          maxSurge: 3
+          # spec.shoot.workers.maxUnavailable is required in the first release.
+          # It can be optional in the future, as it is always set to 0
+          maxUnavailable: 0
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
         apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
@@ -250,37 +303,6 @@ spec:
       highAvailability:
         failureTolerance:
           type: zone
-    workers:
-      - machine:
-          # spec.shoot.workers.machine.type is required
-          type: m6i.large
-          # spec.shoot.workers.machine.image is optional, when not provider default will be used
-          # Will be modified by the SRE
-          image:
-            name: gardenlinux
-            version: 1312.3.0
-        # spec.shoot.workers.volume is required for the first release
-        # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
-        volume:
-          type: gp2
-          size: 50Gi
-        # spec.shoot.workers.zones is required
-        zones:
-          - eu-central-1a
-          - eu-central-1b
-          - eu-central-1c
-        # spec.shoot.workers.name is optional, if not provided default will be used
-        name: cpu-worker-0
-        # spec.shoot.workers.minimum is required
-        minimum: 3
-        # spec.shoot.workers.maximum is required
-        maximum: 20
-        # spec.shoot.workers.maxSurge is required in the first release.
-        # It can be optional in the future, as it equals to zone count
-        maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is required in the first release.
-        # It can be optional in the future, as it is always set to 0
-        maxUnavailable:  0
   security:
     networking:
       filter:
diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index a4e0e00f..9b036258 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -37,6 +37,36 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.workers is required
+      workers:
+        - machine:
+            # spec.shoot.workers.machine.type is required
+            type: m5.xlarge
+            # spec.shoot.workers.machine.image is optional, when not provider default will be used
+            # Will be modified by the SRE
+            image:
+              name: gardenlinux
+              version: 1312.3.0
+          # spec.shoot.workers.volume is required for the first release
+          # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+          volume:
+            type: gp2
+            size: 50Gi
+          # spec.shoot.workers.zones is required
+          zones:
+            - eu-central-1b
+          # spec.shoot.workers.name is optional, if not provided default will be used
+          name: cpu-worker-0
+          # spec.shoot.workers.minimum is required
+          minimum: 1
+          # spec.shoot.workers.maximum is required
+          maximum: 1
+          # spec.shoot.workers.maxSurge is required in the first release.
+          # It can be optional in the future, as it equals to zone count
+          maxSurge: 1
+          # spec.shoot.workers.maxUnavailable is required in the first release.
+          # It can be optional in the future, as it is always set to 0
+          maxUnavailable: 0
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
         apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
@@ -63,35 +93,6 @@ spec:
       highAvailability:
         failureTolerance:
           type: zone
-    workers:
-      - machine:
-          # spec.shoot.workers.machine.type is required
-          type: m5.xlarge
-          # spec.shoot.workers.machine.image is optional, when not provider default will be used
-          # Will be modified by the SRE
-          image:
-            name: gardenlinux
-            version: 1312.3.0
-        # spec.shoot.workers.volume is required for the first release
-        # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
-        volume:
-          type: gp2
-          size: 50Gi
-        # spec.shoot.workers.zones is required
-        zones:
-          - eu-central-1b
-        # spec.shoot.workers.name is optional, if not provided default will be used
-        name: cpu-worker-0
-        # spec.shoot.workers.minimum is required
-        minimum: 1
-        # spec.shoot.workers.maximum is required
-        maximum: 1
-        # spec.shoot.workers.maxSurge is required in the first release.
-        # It can be optional in the future, as it equals to zone count
-        maxSurge: 1
-        # spec.shoot.workers.maxUnavailable is required in the first release.
-        # It can be optional in the future, as it is always set to 0
-        maxUnavailable:  0
   security:
     networking:
       filter:
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index a2a67ccd..72176e4a 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -37,6 +37,26 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.workers is required
+      workers:
+        - machine:
+            # spec.shoot.workers.machine.type is required
+            type: m6i.large
+          # spec.shoot.workers.zones is required
+          zones:
+            - eu-central-1a
+            - eu-central-1b
+            - eu-central-1c
+          # spec.shoot.workers.minimum is required
+          minimum: 3
+          # spec.shoot.workers.maximum is required
+          maximum: 20
+          # spec.shoot.workers.maxSurge is required in the first release.
+          # It can be optional in the future, as it equals to zone count
+          maxSurge: 3
+          # spec.shoot.workers.maxUnavailable is required in the first release.
+          # It can be optional in the future, as it is always set to 0
+          maxUnavailable: 0
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
         apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
@@ -71,25 +91,6 @@ spec:
       highAvailability:
         failureTolerance:
           type: node
-    workers:
-      - machine:
-          # spec.shoot.workers.machine.type is required
-          type: m6i.large
-        # spec.shoot.workers.zones is required
-        zones:
-          - eu-central-1a
-          - eu-central-1b
-          - eu-central-1c
-        # spec.shoot.workers.minimum is required
-        minimum: 3
-        # spec.shoot.workers.maximum is required
-        maximum: 20
-        # spec.shoot.workers.maxSurge is required in the first release.
-        # It can be optional in the future, as it equals to zone count
-        maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is required in the first release.
-        # It can be optional in the future, as it is always set to 0
-        maxUnavailable:  0
   security:
     networking:
       filter:
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index b1067f8d..44ed3041 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -39,6 +39,24 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.workers is required
+      workers:
+        - machine:
+            # spec.shoot.workers.machine.type is required
+            type: mx5.large
+          # spec.shoot.workers.zones is required
+          zones:
+            - eu-central-1b
+          # spec.shoot.workers.minimum is required
+          minimum: 1
+          # spec.shoot.workers.maximum is required
+          maximum: 1
+          # spec.shoot.workers.maxSurge is required in the first release.
+          # It can be optional in the future, as it equals to zone count
+          maxSurge: 1
+          # spec.shoot.workers.maxUnavailable is required in the first release.
+          # It can be optional in the future, as it is always set to 0
+          maxUnavailable: 0
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
         apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
@@ -65,23 +83,6 @@ spec:
       highAvailability:
         failureTolerance:
           type: zone
-    workers:
-      - machine:
-          # spec.shoot.workers.machine.type is required
-          type: mx5.large
-        # spec.shoot.workers.zones is required
-        zones:
-          - eu-central-1b
-        # spec.shoot.workers.minimum is required
-        minimum: 1
-        # spec.shoot.workers.maximum is required
-        maximum: 1
-        # spec.shoot.workers.maxSurge is required in the first release.
-        # It can be optional in the future, as it equals to zone count
-        maxSurge: 1
-        # spec.shoot.workers.maxUnavailable is required in the first release.
-        # It can be optional in the future, as it is always set to 0
-        maxUnavailable:  0
   security:
     networking:
       filter:
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index 1a17b40d..8022b7d9 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -49,6 +49,38 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.workers is required
+      workers:
+        - machine:
+            # spec.shoot.workers.machine.type is required
+            type: m6i.large
+            # spec.shoot.workers.machine.image is optional, when not provider default will be used
+            # Will be modified by the SRE
+            image:
+              name: gardenlinux
+              version: 1312.3.0
+          # spec.shoot.workers.volume is required for the first release
+          # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+          volume:
+            type: gp2
+            size: 50Gi
+          # spec.shoot.workers.zones is required
+          zones:
+            - eu-central-1a
+            - eu-central-1b
+            - eu-central-1c
+          # spec.shoot.workers.name is optional, if not provided default will be used
+          name: cpu-worker-0
+          # spec.shoot.workers.minimum is required
+          minimum: 3
+          # spec.shoot.workers.maximum is required
+          maximum: 20
+          # spec.shoot.workers.maxSurge is required in the first release.
+          # It can be optional in the future, as it equals to zone count
+          maxSurge: 3
+          # spec.shoot.workers.maxUnavailable is required in the first release.
+          # It can be optional in the future, as it is always set to 0
+          maxUnavailable: 0
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
         apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
@@ -83,37 +115,6 @@ spec:
       highAvailability:
         failureTolerance:
           type: zone
-    workers:
-      - machine:
-          # spec.shoot.workers.machine.type is required
-          type: m6i.large
-          # spec.shoot.workers.machine.image is optional, when not provider default will be used
-          # Will be modified by the SRE
-          image:
-            name: gardenlinux
-            version: 1312.3.0
-        # spec.shoot.workers.volume is required for the first release
-        # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
-        volume:
-          type: gp2
-          size: 50Gi
-        # spec.shoot.workers.zones is required
-        zones:
-          - eu-central-1a
-          - eu-central-1b
-          - eu-central-1c
-        # spec.shoot.workers.name is optional, if not provided default will be used
-        name: cpu-worker-0
-        # spec.shoot.workers.minimum is required
-        minimum: 3
-        # spec.shoot.workers.maximum is required
-        maximum: 20
-        # spec.shoot.workers.maxSurge is required in the first release.
-        # It can be optional in the future, as it equals to zone count
-        maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is required in the first release.
-        # It can be optional in the future, as it is always set to 0
-        maxUnavailable:  0
   security:
     networking:
       filter:
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index 2b0cda29..312e0673 100644
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -37,6 +37,24 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: azure
+      # spec.shoot.provider.workers is required
+      workers:
+        - machine:
+            # spec.shoot.workers.machine.type is required
+            type: mx5.large
+          # spec.shoot.workers.zones is required
+          zones:
+            - eu-central-1a
+          # spec.shoot.workers.minimum is required
+          minimum: 1
+          # spec.shoot.workers.maximum is required
+          maximum: 1
+          # spec.shoot.workers.maxSurge is required in the first release.
+          # It can be optional in the future, as it equals to zone count
+          maxSurge: 1
+          # spec.shoot.workers.maxUnavailable is required in the first release.
+          # It can be optional in the future, as it is always set to 0
+          maxUnavailable: 0
       # spec.shoot.controlPlaneConfig is required
       controlPlaneConfig:
         apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
@@ -64,23 +82,6 @@ spec:
       highAvailability:
         failureTolerance:
           type: node
-    workers:
-      - machine:
-          # spec.shoot.workers.machine.type is required
-          type: mx5.large
-        # spec.shoot.workers.zones is required
-        zones:
-          - eu-central-1a
-        # spec.shoot.workers.minimum is required
-        minimum: 1
-        # spec.shoot.workers.maximum is required
-        maximum: 1
-        # spec.shoot.workers.maxSurge is required in the first release.
-        # It can be optional in the future, as it equals to zone count
-        maxSurge: 1
-        # spec.shoot.workers.maxUnavailable is required in the first release.
-        # It can be optional in the future, as it is always set to 0
-        maxUnavailable:  0
   security:
     networking:
       filter:
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index 7535f5b9..6136f5b3 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -40,6 +40,36 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: azure
+      # spec.shoot.provider.workers is required
+      workers:
+        - machine:
+            # spec.shoot.workers.machine.type is required
+            type: Standard_D4s_v5
+            # spec.shoot.workers.machine.image is optional, when not provider default will be used
+            # Will be modified by the SRE
+            image:
+              name: gardenlinux
+              version: 1312.3.0
+          # spec.shoot.workers.volume is required for the first release
+          # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+          volume:
+            type: Standard_LRS
+            size: 50Gi
+          # spec.shoot.workers.zones is required
+          zones:
+            - eastus1
+          # spec.shoot.workers.name is optional, if not provided default will be used
+          name: cpu-worker-0
+          # spec.shoot.workers.minimum is required
+          minimum: 2
+          # spec.shoot.workers.maximum is required
+          maximum: 10
+          # spec.shoot.workers.maxSurge is required in the first release.
+          # It can be optional in the future, as it equals to zone count
+          maxSurge: 1
+          # spec.shoot.workers.maxUnavailable is required in the first release.
+          # It can be optional in the future, as it is always set to 0
+          maxUnavailable: 0
       # spec.shoot.controlPlaneConfig is required
       controlPlaneConfig:
         apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
@@ -67,35 +97,6 @@ spec:
       highAvailability:
         failureTolerance:
           type: node
-    workers:
-      - machine:
-          # spec.shoot.workers.machine.type is required
-          type: Standard_D4s_v5
-          # spec.shoot.workers.machine.image is optional, when not provider default will be used
-          # Will be modified by the SRE
-          image:
-            name: gardenlinux
-            version: 1312.3.0
-        # spec.shoot.workers.volume is required for the first release
-        # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
-        volume:
-          type: Standard_LRS
-          size: 50Gi
-        # spec.shoot.workers.zones is required
-        zones:
-          - eastus1
-        # spec.shoot.workers.name is optional, if not provided default will be used
-        name: cpu-worker-0
-        # spec.shoot.workers.minimum is required
-        minimum: 2
-        # spec.shoot.workers.maximum is required
-        maximum: 10
-        # spec.shoot.workers.maxSurge is required in the first release.
-        # It can be optional in the future, as it equals to zone count
-        maxSurge: 1
-        # spec.shoot.workers.maxUnavailable is required in the first release.
-        # It can be optional in the future, as it is always set to 0
-        maxUnavailable:  0
   security:
     networking:
       filter:
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index 5ecb2d34..029767db 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -49,6 +49,38 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: azure
+      # spec.shoot.provider.workers is required
+      workers:
+        - machine:
+            # spec.shoot.workers.machine.type provided is required
+            type: Standard_D2s_v5
+            # spec.shoot.workers.machine.image is optional, when not provider default will be used
+            # Will be modified by the SRE
+            image:
+              name: gardenlinux
+              version: 1312.3.0
+          # spec.shoot.workers.volume is required for the first release
+          # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+          volume:
+            type: Standard_LRS
+            size: 50Gi
+          # spec.shoot.workers.zones is required
+          zones:
+            - eastus1
+            - eastus2
+            - eastus3
+          # spec.shoot.workers.name is optional, if not provided default will be used
+          name: cpu-worker-0
+          # spec.shoot.workers.minimum is required
+          minimum: 3
+          # spec.shoot.workers.maximum is required
+          maximum: 20
+          # spec.shoot.workers.maxSurge is required in the first release.
+          # It can be optional in the future, as it equals to zone count
+          maxSurge: 3
+          # spec.shoot.workers.maxUnavailable is required in the first release.
+          # It can be optional in the future, as it is always set to 0
+          maxUnavailable: 0
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
         apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
@@ -81,37 +113,6 @@ spec:
       highAvailability:
         failureTolerance:
           type: zone
-    workers:
-      - machine:
-          # spec.shoot.workers.machine.type provided is required
-          type: Standard_D2s_v5
-          # spec.shoot.workers.machine.image is optional, when not provider default will be used
-          # Will be modified by the SRE
-          image:
-            name: gardenlinux
-            version: 1312.3.0
-        # spec.shoot.workers.volume is required for the first release
-        # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
-        volume:
-          type: Standard_LRS
-          size: 50Gi
-        # spec.shoot.workers.zones is required
-        zones:
-          - eastus1
-          - eastus2
-          - eastus3
-        # spec.shoot.workers.name is optional, if not provided default will be used
-        name: cpu-worker-0
-        # spec.shoot.workers.minimum is required
-        minimum: 3
-        # spec.shoot.workers.maximum is required
-        maximum: 20
-        # spec.shoot.workers.maxSurge is required in the first release.
-        # It can be optional in the future, as it equals to zone count
-        maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is required in the first release.
-        # It can be optional in the future, as it is always set to 0
-        maxUnavailable:  0
   security:
     networking:
       filter:
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 684e8550..0b0b73a7 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -49,6 +49,38 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: gcp
+      # spec.shoot.provider.workers is required
+      workers:
+        - machine:
+            # spec.shoot.workers.machine.type is required
+            type: n2-standard-2
+            # spec.shoot.workers.machine.image is optional, when not provider default will be used
+            # Will be modified by the SRE
+            image:
+              name: gardenlinux
+              version: 1312.3.0
+          # spec.shoot.workers.volume is required for the first release
+          # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+          volume:
+            type: pd-standard
+            size: 50Gi
+          # spec.shoot.workers.zones is required
+          zones:
+            - europe-west3a
+            - europe-west3b
+            - europe-west3c
+          # spec.shoot.workers.name is optional, if not provided default will be used
+          name: cpu-worker-0
+          # spec.shoot.workers.minimum is required
+          minimum: 3
+          # spec.shoot.workers.maximum is required
+          maximum: 20
+          # spec.shoot.workers.maxSurge is required in the first release.
+          # It can be optional in the future, as it equals to zone count
+          maxSurge: 3
+          # spec.shoot.workers.maxUnavailable is required in the first release.
+          # It can be optional in the future, as it is always set to 0
+          maxUnavailable: 0
       # spec.shoot.controlPlaneConfig is required
       controlPlaneConfig:
         apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1
@@ -71,37 +103,6 @@ spec:
       highAvailability:
         failureTolerance:
           type: zone
-    workers:
-      - machine:
-          # spec.shoot.workers.machine.type is required
-          type: n2-standard-2
-          # spec.shoot.workers.machine.image is optional, when not provider default will be used
-          # Will be modified by the SRE
-          image:
-            name: gardenlinux
-            version: 1312.3.0
-        # spec.shoot.workers.volume is required for the first release
-        # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
-        volume:
-          type: pd-standard
-          size: 50Gi
-        # spec.shoot.workers.zones is required
-        zones:
-          - europe-west3a
-          - europe-west3b
-          - europe-west3c
-        # spec.shoot.workers.name is optional, if not provided default will be used
-        name: cpu-worker-0
-        # spec.shoot.workers.minimum is required
-        minimum: 3
-        # spec.shoot.workers.maximum is required
-        maximum: 20
-        # spec.shoot.workers.maxSurge is required in the first release.
-        # It can be optional in the future, as it equals to zone count
-        maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is required in the first release.
-        # It can be optional in the future, as it is always set to 0
-        maxUnavailable:  0
   security:
     networking:
       filter:
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index 71c65a76..ca3e9352 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -49,6 +49,34 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: openstack
+      # spec.shoot.provider.workers is required
+      workers:
+        - machine:
+            # spec.shoot.workers.machine.type is required
+            type: g_c2_m8
+            # spec.shoot.workers.machine.image is optional, when not provider default will be used
+            # Will be modified by the SRE
+            image:
+              name: gardenlinux
+              version: 1312.3.0
+          # Note: KEB doesn't specify the volume, Gardener defaults used
+          # spec.shoot.workers.zones is provided by the KEB, required
+          zones:
+            - eu-de-1a
+            - eu-de-1b
+            - eu-de-1d
+          # spec.shoot.workers.name is optional, if not provided default will be used
+          name: cpu-worker-0
+          # spec.shoot.workers.minimum is required
+          minimum: 3
+          # spec.shoot.workers.maximum is required
+          maximum: 20
+          # spec.shoot.workers.maxSurge is required in the first release.
+          # It can be optional in the future, as it equals to zone count
+          maxSurge: 3
+          # spec.shoot.workers.maxUnavailable is required in the first release.
+          # It can be optional in the future, as it is always set to 0
+          maxUnavailable: 0
       # spec.shoot.provider.controlPlaneConfig is required
       controlPlaneConfig:
         apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1
@@ -71,33 +99,6 @@ spec:
       highAvailability:
         failureTolerance:
           type: zone
-    workers:
-      - machine:
-          # spec.shoot.workers.machine.type is required
-          type: g_c2_m8
-          # spec.shoot.workers.machine.image is optional, when not provider default will be used
-          # Will be modified by the SRE
-          image:
-            name: gardenlinux
-            version: 1312.3.0
-        # Note: KEB doesn't specify the volume, Gardener defaults used
-        # spec.shoot.workers.zones is provided by the KEB, required
-        zones:
-          - eu-de-1a
-          - eu-de-1b
-          - eu-de-1d
-        # spec.shoot.workers.name is optional, if not provided default will be used
-        name: cpu-worker-0
-        # spec.shoot.workers.minimum is required
-        minimum: 3
-        # spec.shoot.workers.maximum is required
-        maximum: 20
-        # spec.shoot.workers.maxSurge is required in the first release.
-        # It can be optional in the future, as it equals to zone count
-        maxSurge: 3
-        # spec.shoot.workers.maxUnavailable is required in the first release.
-        # It can be optional in the future, as it is always set to 0
-        maxUnavailable:  0
   security:
     networking:
       filter:

From 18b165c0dce578f5554b110a9dbec75f42e1f7cf Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 10 May 2024 18:28:49 +0200
Subject: [PATCH 43/49] Update 001-provisioning.md

---
 docs/adr/001-provisioning.md | 22 ----------------------
 1 file changed, 22 deletions(-)

diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md
index 475ad4a3..5ef996ff 100644
--- a/docs/adr/001-provisioning.md
+++ b/docs/adr/001-provisioning.md
@@ -74,17 +74,6 @@ The example below shows the CR that must be created by the KEB to provision the
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
-  labels:
-    kyma-project.io/instance-id: instance-id
-    kyma-project.io/runtime-id: runtime-id
-    kyma-project.io/broker-plan-id: plan-id
-    kyma-project.io/broker-plan-name: plan-name
-    kyma-project.io/global-account-id: global-account-id
-    kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
-    kyma-project.io/region: region
-    kyma-project.io/platform-region: platform-region
-    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
@@ -189,17 +178,6 @@ The following example shows the Runtime CR that must be created to provision a c
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
-  labels:
-    kyma-project.io/instance-id: instance-id
-    kyma-project.io/runtime-id: runtime-id
-    kyma-project.io/broker-plan-id: plan-id
-    kyma-project.io/broker-plan-name: plan-name
-    kyma-project.io/global-account-id: global-account-id
-    kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
-    kyma-project.io/region: region
-    kyma-project.io/platform-region: platform-region
-    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:

From 2de7101c6f866f6b2e4905cfeac65ab42b55128b Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 10 May 2024 18:35:24 +0200
Subject: [PATCH 44/49] Update 001-provisioning.md

---
 docs/adr/001-provisioning.md | 23 +++++++++++------------
 1 file changed, 11 insertions(+), 12 deletions(-)

diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md
index 5ef996ff..c8cd8530 100644
--- a/docs/adr/001-provisioning.md
+++ b/docs/adr/001-provisioning.md
@@ -331,35 +331,34 @@ type Shoot struct {
 	Name              string             `json:"name"`
 	Purpose           string             `json:"purpose"`
 	Region            string             `json:"region"`
-	SeedName          *string            `json:"seedName,omitempty"`
 	LicenceType       *string            `json:"licenceType,omitempty"`
 	SecretBindingName string             `json:"secretBindingName"`
 	Kubernetes        Kubernetes         `json:"kubernetes"`
 	Provider          Provider           `json:"provider"`
 	Networking        Networking         `json:"networking"`
-	Workers           *[]gardener.Worker `json:"workers,omitempty"`
 }
 
 type Provider struct {
 	Type                 string                `json:"type"`
-	ControlPlaneConfig   *runtime.RawExtension `json:"controlPlaneConfig,omitempty"`
-	InfrastructureConfig *runtime.RawExtension `json:"infrastructureConfig,omitempty"`
+	ControlPlaneConfig   runtime.RawExtension `json:"controlPlaneConfig"`
+	InfrastructureConfig runtime.RawExtension `json:"infrastructureConfig"`
+        Workers              []gardener.Worker     `json:"workers"`
 }
 
 type Networking struct {
-	Pods     string `json:"pods,omitempty"`
-	Nodes    string `json:"nodes,omitempty"`
-	Services string `json:"services,omitempty"`
+	Pods     string `json:"pods"`
+	Nodes    string `json:"nodes"`
+	Services string `json:"services"`
 }
 
 type Kubernetes struct {
-	Version       string    `json:"version"`
-	KubeAPIServer APIServer `json:"kubeAPIServer,omitempty"`
+	Version       *string    `json:"version,omitempty"`
+	KubeAPIServer APIServer  `json:"kubeAPIServer"`
 }
 
 type APIServer struct {
-	oidcConfig           gardener.OIDCConfig    `json:"oidcConfig"`
-	additionalOidcConfig *[]gardener.OIDCConfig `json:"additionalOidcConfig""`
+	OidcConfig           gardener.OIDCConfig    `json:"oidcConfig"`
+	AdditionalOidcConfig *[]gardener.OIDCConfig `json:"additionalOidcConfig""`
 }
 
 type Security struct {
@@ -372,7 +371,7 @@ type NetworkingSecurity struct {
 }
 
 type Filter struct {
-	Ingress *Ingress `json:"ingress"`
+	Ingress *Ingress `json:"ingress,omitempty"`
 	Egress  Egress   `json:"egress"`
 }
 

From ccdd1301f97e4d76367d1c67ffdb3a987da57dde Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Tue, 14 May 2024 10:48:30 +0200
Subject: [PATCH 45/49] KIM is responsible for provider specific config.

---
 docs/adr/001-provisioning.md                  | 133 +++++-------------
 .../assets/runtime-examples/aws-freemium.yaml |  16 ---
 .../assets/runtime-examples/aws-minimal.yaml  |  24 ----
 .../assets/runtime-examples/aws-trial.yaml    |  16 ---
 docs/adr/assets/runtime-examples/aws.yaml     |  24 ----
 .../runtime-examples/azure-fremium.yaml       |  17 ---
 .../assets/runtime-examples/azure-lite.yaml   |  17 ---
 docs/adr/assets/runtime-examples/azure.yaml   |  22 ---
 docs/adr/assets/runtime-examples/gcp.yaml     |  12 --
 .../runtime-examples/sap-converged-cloud.yaml |  12 --
 10 files changed, 38 insertions(+), 255 deletions(-)

diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md
index c8cd8530..1d01698a 100644
--- a/docs/adr/001-provisioning.md
+++ b/docs/adr/001-provisioning.md
@@ -24,7 +24,6 @@ Kyma Environment Broker has the following responsibilities:
 - Create Runtime CR containing the following data:
     - Provider config (type, region, and secret with credentials for hyperscaler)
     - Worker pool specification
-    - Provider specific config
     - Cluster networking settings (nodes, pods, and services API ranges)
     - OIDC settings
     - Cluster administrators list
@@ -44,6 +43,7 @@ Kyma Environment Broker has the following responsibilities:
      - configuring DNS extension 
      - configuring Certificates extension
      - providing maintenance settings (Kubernetes, and image autoupdates)
+     - creating provider specific config
  - Upgrade and delete shoots for the corresponding `Runtime` CRs
  - Apply the audit log configuration on the shoot resource
  - Create cluster role bindings for administrators
@@ -119,30 +119,6 @@ spec:
           # spec.shoot.workers.maxUnavailable is required in the first release.
           # It can be optional in the future, as it is always set to 0
           maxUnavailable: 0
-      # spec.shoot.provider.controlPlaneConfig is required
-      controlPlaneConfig:
-        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
-        kind: ControlPlaneConfig
-      # spec.shoot.provider.infrastructureConfig is required
-      infrastructureConfig:
-        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
-        kind: InfrastructureConfig
-        networks:
-          vpc:
-            cidr: 10.250.0.0/16
-          zones:
-            - internal: 10.250.48.0/20
-              name: eu-central-1c
-              public: 10.250.32.0/20
-              workers: 10.250.0.0/19
-            - internal: 10.250.112.0/20
-              name: eu-central-1b
-              public: 10.250.96.0/20
-              workers: 10.250.64.0/19
-            - internal: 10.250.176.0/20
-              name: eu-central-1a
-              public: 10.250.160.0/20
-              workers: 10.250.128.0/19
     # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
@@ -247,30 +223,6 @@ spec:
           # spec.shoot.workers.maxUnavailable is required in the first release.
           # It can be optional in the future, as it is always set to 0
           maxUnavailable: 0
-      # spec.shoot.provider.controlPlaneConfig is required
-      controlPlaneConfig:
-        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
-        kind: ControlPlaneConfig
-      # spec.shoot.provider.infrastructureConfig is required
-      infrastructureConfig:
-        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
-        kind: InfrastructureConfig
-        networks:
-          vpc:
-            cidr: 10.250.0.0/16
-          zones:
-            - internal: 10.250.48.0/20
-              name: eu-central-1c
-              public: 10.250.32.0/20
-              workers: 10.250.0.0/19
-            - internal: 10.250.112.0/20
-              name: eu-central-1b
-              public: 10.250.96.0/20
-              workers: 10.250.64.0/19
-            - internal: 10.250.176.0/20
-              name: eu-central-1a
-              public: 10.250.160.0/20
-              workers: 10.250.128.0/19
     # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
@@ -306,64 +258,72 @@ Please see the following examples to understand what CRs must be created for par
 ## API structures
 
 ```go
-package v2
+package v1
 
 import (
 	gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/runtime"
 )
 
+// Runtime is the Schema for the runtimes API
 type Runtime struct {
 	metav1.TypeMeta   `json:",inline"`
 	metav1.ObjectMeta `json:"metadata,omitempty"`
 
-	Spec   RuntimeSpec   `json:"spec"`
+	Spec   RuntimeSpec   `json:"spec,omitempty"`
 	Status RuntimeStatus `json:"status,omitempty"`
 }
 
+// RuntimeSpec defines the desired state of Runtime
 type RuntimeSpec struct {
-	Shoot    Shoot    `json:"spec"`
-	Security Security `json:"security"`
+	Shoot    RuntimeShoot `json:"shoot"`
+	Security Security     `json:"security"`
 }
 
-type Shoot struct {
-	Name              string             `json:"name"`
-	Purpose           string             `json:"purpose"`
-	Region            string             `json:"region"`
-	LicenceType       *string            `json:"licenceType,omitempty"`
-	SecretBindingName string             `json:"secretBindingName"`
-	Kubernetes        Kubernetes         `json:"kubernetes"`
-	Provider          Provider           `json:"provider"`
-	Networking        Networking         `json:"networking"`
-}
-
-type Provider struct {
-	Type                 string                `json:"type"`
-	ControlPlaneConfig   runtime.RawExtension `json:"controlPlaneConfig"`
-	InfrastructureConfig runtime.RawExtension `json:"infrastructureConfig"`
-        Workers              []gardener.Worker     `json:"workers"`
+// RuntimeStatus defines the observed state of Runtime
+type RuntimeStatus struct {
+	// State signifies current state of Runtime
+	State State `json:"state,omitempty"`
+	// List of status conditions to indicate the status of a ServiceInstance.
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
 }
 
-type Networking struct {
-	Pods     string `json:"pods"`
-	Nodes    string `json:"nodes"`
-	Services string `json:"services"`
+type RuntimeShoot struct {
+	Name              string                `json:"name"`
+	Purpose           gardener.ShootPurpose `json:"purpose"`
+	Region            string                `json:"region"`
+	LicenceType       *string               `json:"licenceType,omitempty"`
+	SecretBindingName string                `json:"secretBindingName"`
+	Kubernetes        Kubernetes            `json:"kubernetes"`
+	Provider          Provider              `json:"provider"`
+	Networking        Networking            `json:"networking"`
+	ControlPlane      gardener.ControlPlane `json:"controlPlane"`
 }
 
 type Kubernetes struct {
-	Version       *string    `json:"version,omitempty"`
-	KubeAPIServer APIServer  `json:"kubeAPIServer"`
+	Version       *string   `json:"version,omitempty"`
+	KubeAPIServer APIServer `json:"kubeAPIServer,omitempty"`
 }
 
 type APIServer struct {
 	OidcConfig           gardener.OIDCConfig    `json:"oidcConfig"`
-	AdditionalOidcConfig *[]gardener.OIDCConfig `json:"additionalOidcConfig""`
+	AdditionalOidcConfig *[]gardener.OIDCConfig `json:"additionalOidcConfig,omitempty"`
+}
+
+type Provider struct {
+	Type    string            `json:"type"`
+	Workers []gardener.Worker `json:"workers"`
+}
+
+type Networking struct {
+	Pods     string `json:"pods"`
+	Nodes    string `json:"nodes"`
+	Services string `json:"services"`
 }
 
 type Security struct {
 	Administrators []string           `json:"administrators"`
-	Networking     NetworkingSecurity `json:"networking""`
+	Networking     NetworkingSecurity `json:"networking"`
 }
 
 type NetworkingSecurity struct {
@@ -383,21 +343,4 @@ type Egress struct {
 	Enabled bool `json:"enabled"`
 }
 
-type State string
-
-// +kubebuilder:object:root=true
-// RuntimeStatus defines the observed state of Runtime
-type RuntimeStatus struct {
-	// State signifies current state of Runtime.
-	// Value can be one of ("Ready", "Processing", "Error", "Deleting").
-	State State `json:"state,omitempty"`
-
-	// List of status conditions to indicate the status of a ServiceInstance.
-	// +optional
-	// +listType=map
-	// +listMapKey=type
-	Conditions []metav1.Condition `json:"conditions,omitempty"`
-}
-
-
 ```
diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index 9b036258..fc1cdc2c 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -67,22 +67,6 @@ spec:
           # spec.shoot.workers.maxUnavailable is required in the first release.
           # It can be optional in the future, as it is always set to 0
           maxUnavailable: 0
-      # spec.shoot.provider.controlPlaneConfig is required
-      controlPlaneConfig:
-        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
-        kind: ControlPlaneConfig
-      # spec.shoot.provider.infrastructureConfig is required
-      infrastructureConfig:
-        kind: InfrastructureConfig
-        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
-        networks:
-          vpc:
-            cidr: 10.250.0.0/22
-          zones:
-            - name: eu-central-1b
-              internal: 10.250.0.192/26
-              public: 10.250.0.128/26
-              workers: 10.250.0.0/25
     # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index 72176e4a..f31f50d5 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -57,30 +57,6 @@ spec:
           # spec.shoot.workers.maxUnavailable is required in the first release.
           # It can be optional in the future, as it is always set to 0
           maxUnavailable: 0
-      # spec.shoot.provider.controlPlaneConfig is required
-      controlPlaneConfig:
-        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
-        kind: ControlPlaneConfig
-      # spec.shoot.provider.infrastructureConfig is required
-      infrastructureConfig:
-        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
-        kind: InfrastructureConfig
-        networks:
-          vpc:
-            cidr: 10.250.0.0/16
-          zones:
-            - internal: 10.250.48.0/20
-              name: eu-central-1c
-              public: 10.250.32.0/20
-              workers: 10.250.0.0/19
-            - internal: 10.250.112.0/20
-              name: eu-central-1b
-              public: 10.250.96.0/20
-              workers: 10.250.64.0/19
-            - internal: 10.250.176.0/20
-              name: eu-central-1a
-              public: 10.250.160.0/20
-              workers: 10.250.128.0/19
     # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index 44ed3041..d3ec90a8 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -57,22 +57,6 @@ spec:
           # spec.shoot.workers.maxUnavailable is required in the first release.
           # It can be optional in the future, as it is always set to 0
           maxUnavailable: 0
-      # spec.shoot.provider.controlPlaneConfig is required
-      controlPlaneConfig:
-        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
-        kind: ControlPlaneConfig
-      # spec.shoot.provider.infrastructureConfig is required
-      infrastructureConfig:
-        kind: InfrastructureConfig
-        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
-        networks:
-          vpc:
-            cidr: 10.250.0.0/22
-          zones:
-            - name: eu-central-1b
-              internal: 10.250.0.192/26
-              public: 10.250.0.128/26
-              workers: 10.250.0.0/25
     # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index 8022b7d9..8c76545a 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -81,30 +81,6 @@ spec:
           # spec.shoot.workers.maxUnavailable is required in the first release.
           # It can be optional in the future, as it is always set to 0
           maxUnavailable: 0
-      # spec.shoot.provider.controlPlaneConfig is required
-      controlPlaneConfig:
-        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
-        kind: ControlPlaneConfig
-      # spec.shoot.provider.infrastructureConfig is required
-      infrastructureConfig:
-        apiVersion: aws.provider.extensions.gardener.cloud/v1alpha1
-        kind: InfrastructureConfig
-        networks:
-          vpc:
-            cidr: 10.250.0.0/16
-          zones:
-            - internal: 10.250.48.0/20
-              name: eu-central-1c
-              public: 10.250.32.0/20
-              workers: 10.250.0.0/19
-            - internal: 10.250.112.0/20
-              name: eu-central-1b
-              public: 10.250.96.0/20
-              workers: 10.250.64.0/19
-            - internal: 10.250.176.0/20
-              name: eu-central-1a
-              public: 10.250.160.0/20
-              workers: 10.250.128.0/19
     # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index 312e0673..a2cd223c 100644
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -55,23 +55,6 @@ spec:
           # spec.shoot.workers.maxUnavailable is required in the first release.
           # It can be optional in the future, as it is always set to 0
           maxUnavailable: 0
-      # spec.shoot.controlPlaneConfig is required
-      controlPlaneConfig:
-        apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
-        kind: ControlPlaneConfig
-      # spec.shoot.provider.infrastructureConfig is required
-      infrastructureConfig:
-        apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
-        kind: InfrastructureConfig
-        networks:
-          vnet:
-            cidr: 10.250.0.0/19
-          zones:
-            - cidr: 10.250.0.0/24
-              name: 1
-              natGateway:
-                enabled: true
-                idleConnectionTimeoutMinutes: 4
     # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index 6136f5b3..b426219f 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -70,23 +70,6 @@ spec:
           # spec.shoot.workers.maxUnavailable is required in the first release.
           # It can be optional in the future, as it is always set to 0
           maxUnavailable: 0
-      # spec.shoot.controlPlaneConfig is required
-      controlPlaneConfig:
-        apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
-        kind: ControlPlaneConfig
-      # spec.shoot.provider.infrastructureConfig is required
-      infrastructureConfig:
-        apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
-        kind: InfrastructureConfig
-        networks:
-          vnet:
-            cidr: 10.250.0.0/19
-          zones:
-            - cidr: 10.250.0.0/24
-              name: 1
-              natGateway:
-                enabled: true
-                idleConnectionTimeoutMinutes: 4
     # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index 029767db..caf8093c 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -81,28 +81,6 @@ spec:
           # spec.shoot.workers.maxUnavailable is required in the first release.
           # It can be optional in the future, as it is always set to 0
           maxUnavailable: 0
-      # spec.shoot.provider.controlPlaneConfig is required
-      controlPlaneConfig:
-        apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
-        kind: ControlPlaneConfig
-      # spec.shoot.provider.infrastructureConfig is required
-      infrastructureConfig:
-        apiVersion: azure.provider.extensions.gardener.cloud/v1alpha1
-        kind: InfrastructureConfig
-        networks:
-          vnet:
-            cidr: 10.250.0.0/19
-          zones:
-            - cidr: 10.250.0.0/24
-              name: 1
-              natGateway:
-                enabled: true
-                idleConnectionTimeoutMinutes: 4
-            - cidr: 10.250.1.0/24
-              name: 2
-              natGateway:
-                enabled: true
-                idleConnectionTimeoutMinutes: 4
     # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 0b0b73a7..7490e3d7 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -81,18 +81,6 @@ spec:
           # spec.shoot.workers.maxUnavailable is required in the first release.
           # It can be optional in the future, as it is always set to 0
           maxUnavailable: 0
-      # spec.shoot.controlPlaneConfig is required
-      controlPlaneConfig:
-        apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1
-        kind: ControlPlaneConfig
-        zone: us-central1-b
-      # spec.shoot.infrastructureConfig is required
-      infrastructureConfig:
-        apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1
-        kind: InfrastructureConfig
-        networks:
-          worker: 10.250.0.0/22
-          workers: 10.250.0.0/22
     # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index ca3e9352..bc153ecb 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -77,18 +77,6 @@ spec:
           # spec.shoot.workers.maxUnavailable is required in the first release.
           # It can be optional in the future, as it is always set to 0
           maxUnavailable: 0
-      # spec.shoot.provider.controlPlaneConfig is required
-      controlPlaneConfig:
-        apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1
-        kind: ControlPlaneConfig
-        loadBalancerProvider: f5
-      # spec.shoot.provider.infrastructureConfig is required
-      infrastructureConfig:
-        apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1
-        floatingPoolName: FloatingIP-external-kyma-01
-        kind: InfrastructureConfig
-        networks:
-          workers: 10.180.0.0/16
     # spec.shoot.Networking is required
     networking:
       pods: 10.96.0.0/13

From 06630bbb9f19531a25a4f600dd276cc87e6ac472 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Tue, 14 May 2024 15:37:30 +0200
Subject: [PATCH 46/49] Added code for provider specific config

---
 docs/adr/001-provisioning.md                  | 22 ++++++++++++-------
 .../assets/runtime-examples/aws-freemium.yaml |  6 ++---
 .../assets/runtime-examples/aws-minimal.yaml  | 14 ++++++------
 .../assets/runtime-examples/aws-trial.yaml    |  6 ++---
 docs/adr/assets/runtime-examples/aws.yaml     |  7 +++++-
 .../runtime-examples/azure-fremium.yaml       | 10 ++++-----
 .../assets/runtime-examples/azure-lite.yaml   |  6 ++---
 docs/adr/assets/runtime-examples/azure.yaml   |  7 +++++-
 docs/adr/assets/runtime-examples/gcp.yaml     |  7 +++++-
 .../runtime-examples/sap-converged-cloud.yaml |  7 +++++-
 10 files changed, 59 insertions(+), 33 deletions(-)

diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md
index 1d01698a..a11684b1 100644
--- a/docs/adr/001-provisioning.md
+++ b/docs/adr/001-provisioning.md
@@ -99,16 +99,16 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.zones is required
+      zones:
+        - eu-central-1a
+        - eu-central-1b
+        - eu-central-1c
       # spec.shoot.provider.workers is required
       workers:
         - machine:
-            # spec.shoot.workers.machine.type is required
-            type: m6i.large
-          # spec.shoot.workers.zones is required
-          zones:
-            - eu-central-1a
-            - eu-central-1b
-            - eu-central-1c
+          # spec.shoot.workers.machine.type is required
+          type: m6i.large
           # spec.shoot.workers.minimum is required
           minimum: 3
           # spec.shoot.workers.maximum is required
@@ -191,6 +191,11 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.zones is required
+      zones:
+        - eu-central-1a
+        - eu-central-1b
+        - eu-central-1c
       # spec.shoot.provider.workers is required
       workers:
         - machine:
@@ -206,7 +211,7 @@ spec:
           volume:
             type: gp2
             size: 50Gi
-          # spec.shoot.workers.zones is required
+          # spec.shoot.workers.zones is optional
           zones:
             - eu-central-1a
             - eu-central-1b
@@ -312,6 +317,7 @@ type APIServer struct {
 
 type Provider struct {
 	Type    string            `json:"type"`
+	Zones   []string          `json:"workers"`
 	Workers []gardener.Worker `json:"workers"`
 }
 
diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index fc1cdc2c..86abe756 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -42,6 +42,9 @@ spec:
         - machine:
             # spec.shoot.workers.machine.type is required
             type: m5.xlarge
+            # spec.shoot.provider.zones is required
+            zones:
+              - eu-central-1b
             # spec.shoot.workers.machine.image is optional, when not provider default will be used
             # Will be modified by the SRE
             image:
@@ -52,9 +55,6 @@ spec:
           volume:
             type: gp2
             size: 50Gi
-          # spec.shoot.workers.zones is required
-          zones:
-            - eu-central-1b
           # spec.shoot.workers.name is optional, if not provided default will be used
           name: cpu-worker-0
           # spec.shoot.workers.minimum is required
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index f31f50d5..b47214d3 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -37,16 +37,16 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.zones is required
+      zones:
+        - eu-central-1a
+        - eu-central-1b
+        - eu-central-1c
       # spec.shoot.provider.workers is required
       workers:
         - machine:
-            # spec.shoot.workers.machine.type is required
-            type: m6i.large
-          # spec.shoot.workers.zones is required
-          zones:
-            - eu-central-1a
-            - eu-central-1b
-            - eu-central-1c
+          # spec.shoot.workers.machine.type is required
+          type: m6i.large
           # spec.shoot.workers.minimum is required
           minimum: 3
           # spec.shoot.workers.maximum is required
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index d3ec90a8..e1b1858f 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -39,14 +39,14 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.zones is required
+      zones:
+        - eu-central-1b
       # spec.shoot.provider.workers is required
       workers:
         - machine:
             # spec.shoot.workers.machine.type is required
             type: mx5.large
-          # spec.shoot.workers.zones is required
-          zones:
-            - eu-central-1b
           # spec.shoot.workers.minimum is required
           minimum: 1
           # spec.shoot.workers.maximum is required
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index 8c76545a..ccdf5bbb 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -49,6 +49,11 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
+      # spec.shoot.provider.zones is required
+      zones:
+        - eu-central-1a
+        - eu-central-1b
+        - eu-central-1c
       # spec.shoot.provider.workers is required
       workers:
         - machine:
@@ -64,7 +69,7 @@ spec:
           volume:
             type: gp2
             size: 50Gi
-          # spec.shoot.workers.zones is required
+          # spec.shoot.workers.zones is optional
           zones:
             - eu-central-1a
             - eu-central-1b
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index a2cd223c..d4d9b113 100644
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -37,14 +37,14 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: azure
+      # spec.shoot.provider.zones is required
+      zones:
+        - eu-central-1a
       # spec.shoot.provider.workers is required
       workers:
         - machine:
-            # spec.shoot.workers.machine.type is required
-            type: mx5.large
-          # spec.shoot.workers.zones is required
-          zones:
-            - eu-central-1a
+          # spec.shoot.workers.machine.type is required
+          type: mx5.large
           # spec.shoot.workers.minimum is required
           minimum: 1
           # spec.shoot.workers.maximum is required
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index b426219f..3bfe4fe0 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -40,6 +40,9 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: azure
+      # spec.shoot.provider.zones is required
+      zones:
+        - eastus1
       # spec.shoot.provider.workers is required
       workers:
         - machine:
@@ -55,9 +58,6 @@ spec:
           volume:
             type: Standard_LRS
             size: 50Gi
-          # spec.shoot.workers.zones is required
-          zones:
-            - eastus1
           # spec.shoot.workers.name is optional, if not provided default will be used
           name: cpu-worker-0
           # spec.shoot.workers.minimum is required
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index caf8093c..42994300 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -49,6 +49,11 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: azure
+      # spec.shoot.provider.zones is required
+      zones:
+        - eastus1
+        - eastus2
+        - eastus3
       # spec.shoot.provider.workers is required
       workers:
         - machine:
@@ -64,7 +69,7 @@ spec:
           volume:
             type: Standard_LRS
             size: 50Gi
-          # spec.shoot.workers.zones is required
+          # spec.shoot.workers.zones is optional
           zones:
             - eastus1
             - eastus2
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 7490e3d7..409ad487 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -49,6 +49,11 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: gcp
+      # spec.shoot.provider.zones is required
+      zones:
+        - europe-west3a
+        - europe-west3b
+        - europe-west3c
       # spec.shoot.provider.workers is required
       workers:
         - machine:
@@ -64,7 +69,7 @@ spec:
           volume:
             type: pd-standard
             size: 50Gi
-          # spec.shoot.workers.zones is required
+          # spec.shoot.workers.zones is optional
           zones:
             - europe-west3a
             - europe-west3b
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index bc153ecb..d1aeb984 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -49,6 +49,11 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: openstack
+      # spec.shoot.workers.zones is required
+      zones:
+        - eu-de-1a
+        - eu-de-1b
+        - eu-de-1d
       # spec.shoot.provider.workers is required
       workers:
         - machine:
@@ -60,7 +65,7 @@ spec:
               name: gardenlinux
               version: 1312.3.0
           # Note: KEB doesn't specify the volume, Gardener defaults used
-          # spec.shoot.workers.zones is provided by the KEB, required
+          # spec.shoot.workers.zones is optional
           zones:
             - eu-de-1a
             - eu-de-1b

From d8707aa3249ab277d9184a6bdc1efc19f9049cbf Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Thu, 16 May 2024 15:02:01 +0200
Subject: [PATCH 47/49] Added spec.shoot.platformRegion

---
 docs/adr/001-provisioning.md                           | 10 +++++++---
 docs/adr/assets/runtime-examples/aws-freemium.yaml     |  2 ++
 docs/adr/assets/runtime-examples/aws-minimal.yaml      |  2 ++
 docs/adr/assets/runtime-examples/aws-trial.yaml        |  2 ++
 docs/adr/assets/runtime-examples/aws.yaml              |  2 ++
 docs/adr/assets/runtime-examples/azure-fremium.yaml    |  2 ++
 docs/adr/assets/runtime-examples/azure-lite.yaml       |  2 ++
 docs/adr/assets/runtime-examples/azure.yaml            |  2 ++
 docs/adr/assets/runtime-examples/gcp.yaml              |  2 ++
 .../assets/runtime-examples/sap-converged-cloud.yaml   |  2 ++
 10 files changed, 25 insertions(+), 3 deletions(-)

diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md
index a11684b1..194ca04b 100644
--- a/docs/adr/001-provisioning.md
+++ b/docs/adr/001-provisioning.md
@@ -53,7 +53,8 @@ Kyma Environment Broker has the following responsibilities:
 
 ### CR examples
 
-MInd that the Runtime CR must contain the following labels:
+Mind that the Runtime CR must be labeled to make searching easier. 
+The proposed list of labels to be added to the Runtime CR:
 ```yaml
  kyma-project.io/instance-id: instance-id
  kyma-project.io/runtime-id: runtime-id
@@ -63,7 +64,6 @@ MInd that the Runtime CR must contain the following labels:
  kyma-project.io/subaccount-id: subAccount-id
  kyma-project.io/shoot-name: shoot-name
  kyma-project.io/region: region
- kyma-project.io/platform-region: platform-region
  operator.kyma-project.io/kyma-name: kymaName
 ```
 
@@ -84,6 +84,8 @@ spec:
     purpose: production
     # spec.shoot.region is required
     region: eu-central-1
+    # spec.shoot.platformRegion is required
+    platformRegion: "cd-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
@@ -141,7 +143,6 @@ spec:
 ```
 
 There are some additional optional fields that could be specified:
-- `spec.shoot.seedName` ; if not provided `nil` value will be used
 - `spec.shoot.licenceType` ; if not provided `nil` value will be used 
 - `spec.shoot.kubernetes.version` ; if not provided, the default value will be read by the KIM from the configuration
 - `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no additional OIDC provider will be configured
@@ -164,6 +165,8 @@ spec:
     purpose: production
     # spec.shoot.region is required
     region: eu-central-1
+    # spec.shoot.platformRegion is required
+    platformRegion: "cd-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
@@ -296,6 +299,7 @@ type RuntimeStatus struct {
 type RuntimeShoot struct {
 	Name              string                `json:"name"`
 	Purpose           gardener.ShootPurpose `json:"purpose"`
+	PlatformRegion    string                `json:"platformRegion"` 
 	Region            string                `json:"region"`
 	LicenceType       *string               `json:"licenceType,omitempty"`
 	SecretBindingName string                `json:"secretBindingName"`
diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index 86abe756..8fb8741a 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -22,6 +22,8 @@ spec:
     purpose: evaluation
     # spec.shoot.region is required
     region: eu-central-1
+    # spec.shoot.platformRegion is required
+    platformRegion: "cd-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index b47214d3..d2aa68b6 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -22,6 +22,8 @@ spec:
     purpose: production
     # spec.shoot.region is required
     region: eu-central-1
+    # spec.shoot.platformRegion is required
+    platformRegion: "cd-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index e1b1858f..e28789b0 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -24,6 +24,8 @@ spec:
     licenceType: "TestDevelopmentAndDemo"
     # spec.shoot.region is required
     region: eu-central-1
+    # spec.shoot.platformRegion is required
+    platformRegion: "cd-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index ccdf5bbb..79a79b33 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -22,6 +22,8 @@ spec:
     purpose: production
     # spec.shoot.region is required
     region: eu-central-1
+    # spec.shoot.platformRegion is required
+    platformRegion: "cd-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index d4d9b113..bc21cb79 100644
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -22,6 +22,8 @@ spec:
     purpose: evaluation
     # spec.shoot.region is required
     region: eu-central-1
+    # spec.shoot.platformRegion is required
+    platformRegion: "cd-us11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index 3bfe4fe0..ae25d780 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -22,6 +22,8 @@ spec:
     purpose: production
     # spec.shoot.region is required
     region: eastus
+    # spec.shoot.platformRegion is required
+    platformRegion: "cd-us11"
     # spec.shoot.licenceType is optional, default=nil
     licenceType: "TestDevelopmentAndDemo"
     # spec.shoot.secretBindingName is required
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index 42994300..22805322 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -22,6 +22,8 @@ spec:
     purpose: production
     # spec.shoot.region is required
     region: eastus
+    # spec.shoot.platformRegion is required
+    platformRegion: "cd-us11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 409ad487..998266fb 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -22,6 +22,8 @@ spec:
     purpose: production
     # spec.shoot.region is required
     region: europe-west3
+    # spec.shoot.platformRegion is required
+    platformRegion: "cd-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index d1aeb984..2d08e8df 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -22,6 +22,8 @@ spec:
     purpose: production
     # spec.shoot.region is required
     region: eu-de-1
+    # spec.shoot.platformRegion is required
+    platformRegion: "cd-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:

From 7b0765781c6ea1ff21cb07a367d7905895ee5d13 Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Thu, 16 May 2024 17:26:48 +0200
Subject: [PATCH 48/49] spec.shoot.provider.zones removed

---
 docs/adr/001-provisioning.md                  | 33 +++++++++++--------
 .../assets/runtime-examples/aws-freemium.yaml |  9 +++--
 .../assets/runtime-examples/aws-minimal.yaml  | 13 ++++----
 .../assets/runtime-examples/aws-trial.yaml    |  9 +++--
 docs/adr/assets/runtime-examples/aws.yaml     |  8 +----
 .../runtime-examples/azure-fremium.yaml       |  9 +++--
 .../assets/runtime-examples/azure-lite.yaml   |  9 +++--
 docs/adr/assets/runtime-examples/azure.yaml   | 10 ++----
 docs/adr/assets/runtime-examples/gcp.yaml     | 10 ++----
 .../runtime-examples/sap-converged-cloud.yaml |  8 +----
 10 files changed, 47 insertions(+), 71 deletions(-)

diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md
index 194ca04b..969144bf 100644
--- a/docs/adr/001-provisioning.md
+++ b/docs/adr/001-provisioning.md
@@ -53,7 +53,7 @@ Kyma Environment Broker has the following responsibilities:
 
 ### CR examples
 
-Mind that the Runtime CR must be labeled to make searching easier. 
+Mind that the Runtime CR must be labeled to make searching for a particular instance easier. 
 The proposed list of labels to be added to the Runtime CR:
 ```yaml
  kyma-project.io/instance-id: instance-id
@@ -85,7 +85,7 @@ spec:
     # spec.shoot.region is required
     region: eu-central-1
     # spec.shoot.platformRegion is required
-    platformRegion: "cd-eu11"
+    platformRegion: "cf-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
@@ -101,16 +101,16 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
-      # spec.shoot.provider.zones is required
-      zones:
-        - eu-central-1a
-        - eu-central-1b
-        - eu-central-1c
       # spec.shoot.provider.workers is required
       workers:
         - machine:
           # spec.shoot.workers.machine.type is required
           type: m6i.large
+          # spec.shoot.workers.zones is required
+          zones:
+            - eu-central-1a
+            - eu-central-1b
+            - eu-central-1c
           # spec.shoot.workers.minimum is required
           minimum: 3
           # spec.shoot.workers.maximum is required
@@ -155,6 +155,17 @@ The following example shows the Runtime CR that must be created to provision a c
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    kyma-project.io/platform-region: platform-region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
@@ -194,11 +205,6 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
-      # spec.shoot.provider.zones is required
-      zones:
-        - eu-central-1a
-        - eu-central-1b
-        - eu-central-1c
       # spec.shoot.provider.workers is required
       workers:
         - machine:
@@ -214,7 +220,7 @@ spec:
           volume:
             type: gp2
             size: 50Gi
-          # spec.shoot.workers.zones is optional
+          # spec.shoot.workers.zones is required
           zones:
             - eu-central-1a
             - eu-central-1b
@@ -321,7 +327,6 @@ type APIServer struct {
 
 type Provider struct {
 	Type    string            `json:"type"`
-	Zones   []string          `json:"workers"`
 	Workers []gardener.Worker `json:"workers"`
 }
 
diff --git a/docs/adr/assets/runtime-examples/aws-freemium.yaml b/docs/adr/assets/runtime-examples/aws-freemium.yaml
index 8fb8741a..86733d7e 100644
--- a/docs/adr/assets/runtime-examples/aws-freemium.yaml
+++ b/docs/adr/assets/runtime-examples/aws-freemium.yaml
@@ -10,7 +10,6 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
-    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
@@ -23,7 +22,7 @@ spec:
     # spec.shoot.region is required
     region: eu-central-1
     # spec.shoot.platformRegion is required
-    platformRegion: "cd-eu11"
+    platformRegion: "cf-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
@@ -44,9 +43,6 @@ spec:
         - machine:
             # spec.shoot.workers.machine.type is required
             type: m5.xlarge
-            # spec.shoot.provider.zones is required
-            zones:
-              - eu-central-1b
             # spec.shoot.workers.machine.image is optional, when not provider default will be used
             # Will be modified by the SRE
             image:
@@ -57,6 +53,9 @@ spec:
           volume:
             type: gp2
             size: 50Gi
+          # spec.shoot.worker.zones is required
+          zones:
+            - eu-central-1b
           # spec.shoot.workers.name is optional, if not provided default will be used
           name: cpu-worker-0
           # spec.shoot.workers.minimum is required
diff --git a/docs/adr/assets/runtime-examples/aws-minimal.yaml b/docs/adr/assets/runtime-examples/aws-minimal.yaml
index d2aa68b6..10e4958c 100644
--- a/docs/adr/assets/runtime-examples/aws-minimal.yaml
+++ b/docs/adr/assets/runtime-examples/aws-minimal.yaml
@@ -10,7 +10,6 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
-    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
@@ -23,7 +22,7 @@ spec:
     # spec.shoot.region is required
     region: eu-central-1
     # spec.shoot.platformRegion is required
-    platformRegion: "cd-eu11"
+    platformRegion: "cf-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
@@ -39,16 +38,16 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
-      # spec.shoot.provider.zones is required
-      zones:
-        - eu-central-1a
-        - eu-central-1b
-        - eu-central-1c
       # spec.shoot.provider.workers is required
       workers:
         - machine:
           # spec.shoot.workers.machine.type is required
           type: m6i.large
+          # spec.shoot.workers.zones is required
+          zones:
+            - eu-central-1a
+            - eu-central-1b
+            - eu-central-1c
           # spec.shoot.workers.minimum is required
           minimum: 3
           # spec.shoot.workers.maximum is required
diff --git a/docs/adr/assets/runtime-examples/aws-trial.yaml b/docs/adr/assets/runtime-examples/aws-trial.yaml
index e28789b0..15df3583 100644
--- a/docs/adr/assets/runtime-examples/aws-trial.yaml
+++ b/docs/adr/assets/runtime-examples/aws-trial.yaml
@@ -10,7 +10,6 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
-    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
@@ -25,7 +24,7 @@ spec:
     # spec.shoot.region is required
     region: eu-central-1
     # spec.shoot.platformRegion is required
-    platformRegion: "cd-eu11"
+    platformRegion: "cf-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
@@ -41,14 +40,14 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
-      # spec.shoot.provider.zones is required
-      zones:
-        - eu-central-1b
       # spec.shoot.provider.workers is required
       workers:
         - machine:
             # spec.shoot.workers.machine.type is required
             type: mx5.large
+          # spec.shoot.workers.zones is required
+          zones:
+            - eu-central-1b
           # spec.shoot.workers.minimum is required
           minimum: 1
           # spec.shoot.workers.maximum is required
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index 79a79b33..4bf62426 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -10,7 +10,6 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
-    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
@@ -51,11 +50,6 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: aws
-      # spec.shoot.provider.zones is required
-      zones:
-        - eu-central-1a
-        - eu-central-1b
-        - eu-central-1c
       # spec.shoot.provider.workers is required
       workers:
         - machine:
@@ -71,7 +65,7 @@ spec:
           volume:
             type: gp2
             size: 50Gi
-          # spec.shoot.workers.zones is optional
+          # spec.shoot.workers.zones is required
           zones:
             - eu-central-1a
             - eu-central-1b
diff --git a/docs/adr/assets/runtime-examples/azure-fremium.yaml b/docs/adr/assets/runtime-examples/azure-fremium.yaml
index bc21cb79..8cce96d7 100644
--- a/docs/adr/assets/runtime-examples/azure-fremium.yaml
+++ b/docs/adr/assets/runtime-examples/azure-fremium.yaml
@@ -10,7 +10,6 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
-    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
@@ -23,7 +22,7 @@ spec:
     # spec.shoot.region is required
     region: eu-central-1
     # spec.shoot.platformRegion is required
-    platformRegion: "cd-us11"
+    platformRegion: "cf-us10"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
@@ -39,14 +38,14 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: azure
-      # spec.shoot.provider.zones is required
-      zones:
-        - eu-central-1a
       # spec.shoot.provider.workers is required
       workers:
         - machine:
           # spec.shoot.workers.machine.type is required
           type: mx5.large
+          # spec.shoot.worker.zones is required
+          zones:
+            - eu-central-1a
           # spec.shoot.workers.minimum is required
           minimum: 1
           # spec.shoot.workers.maximum is required
diff --git a/docs/adr/assets/runtime-examples/azure-lite.yaml b/docs/adr/assets/runtime-examples/azure-lite.yaml
index ae25d780..e85b574e 100644
--- a/docs/adr/assets/runtime-examples/azure-lite.yaml
+++ b/docs/adr/assets/runtime-examples/azure-lite.yaml
@@ -10,7 +10,6 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
-    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
@@ -23,7 +22,7 @@ spec:
     # spec.shoot.region is required
     region: eastus
     # spec.shoot.platformRegion is required
-    platformRegion: "cd-us11"
+    platformRegion: "cf-us10"
     # spec.shoot.licenceType is optional, default=nil
     licenceType: "TestDevelopmentAndDemo"
     # spec.shoot.secretBindingName is required
@@ -42,9 +41,6 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: azure
-      # spec.shoot.provider.zones is required
-      zones:
-        - eastus1
       # spec.shoot.provider.workers is required
       workers:
         - machine:
@@ -60,6 +56,9 @@ spec:
           volume:
             type: Standard_LRS
             size: 50Gi
+          # spec.shoot.worker.zones is required
+          zones:
+            - eastus1
           # spec.shoot.workers.name is optional, if not provided default will be used
           name: cpu-worker-0
           # spec.shoot.workers.minimum is required
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index 22805322..73a91cbc 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -10,7 +10,6 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
-    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
@@ -23,7 +22,7 @@ spec:
     # spec.shoot.region is required
     region: eastus
     # spec.shoot.platformRegion is required
-    platformRegion: "cd-us11"
+    platformRegion: "cf-us10"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
@@ -51,11 +50,6 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: azure
-      # spec.shoot.provider.zones is required
-      zones:
-        - eastus1
-        - eastus2
-        - eastus3
       # spec.shoot.provider.workers is required
       workers:
         - machine:
@@ -71,7 +65,7 @@ spec:
           volume:
             type: Standard_LRS
             size: 50Gi
-          # spec.shoot.workers.zones is optional
+          # spec.shoot.workers.zones is required
           zones:
             - eastus1
             - eastus2
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 998266fb..0d114a25 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -10,7 +10,6 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
-    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
@@ -23,7 +22,7 @@ spec:
     # spec.shoot.region is required
     region: europe-west3
     # spec.shoot.platformRegion is required
-    platformRegion: "cd-eu11"
+    platformRegion: "cf-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
@@ -51,11 +50,6 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: gcp
-      # spec.shoot.provider.zones is required
-      zones:
-        - europe-west3a
-        - europe-west3b
-        - europe-west3c
       # spec.shoot.provider.workers is required
       workers:
         - machine:
@@ -71,7 +65,7 @@ spec:
           volume:
             type: pd-standard
             size: 50Gi
-          # spec.shoot.workers.zones is optional
+          # spec.shoot.workers.zones is required
           zones:
             - europe-west3a
             - europe-west3b
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index 2d08e8df..fbaec4ee 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -10,7 +10,6 @@ metadata:
     kyma-project.io/subaccount-id: subAccount-id
     kyma-project.io/shoot-name: shoot-name
     kyma-project.io/region: region
-    kyma-project.io/platform-region: platform-region
     operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
@@ -23,7 +22,7 @@ spec:
     # spec.shoot.region is required
     region: eu-de-1
     # spec.shoot.platformRegion is required
-    platformRegion: "cd-eu11"
+    platformRegion: "cf-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
     kubernetes:
@@ -51,11 +50,6 @@ spec:
     provider:
       # spec.shoot.provider.type is required
       type: openstack
-      # spec.shoot.workers.zones is required
-      zones:
-        - eu-de-1a
-        - eu-de-1b
-        - eu-de-1d
       # spec.shoot.provider.workers is required
       workers:
         - machine:

From 53aa78b237cfff54a1e184ed3ac459c4ddf3fd0d Mon Sep 17 00:00:00 2001
From: Arkadiusz Galwas <arkadiusz.galwas@sap.com>
Date: Fri, 17 May 2024 07:01:33 +0200
Subject: [PATCH 49/49] Add spec.shoot.enforceSeedLocation property added

---
 docs/adr/001-provisioning.md                  | 39 ++++++++-----------
 docs/adr/assets/runtime-examples/aws.yaml     |  2 +
 docs/adr/assets/runtime-examples/azure.yaml   |  2 +
 docs/adr/assets/runtime-examples/gcp.yaml     |  2 +
 .../runtime-examples/sap-converged-cloud.yaml |  2 +
 5 files changed, 24 insertions(+), 23 deletions(-)

diff --git a/docs/adr/001-provisioning.md b/docs/adr/001-provisioning.md
index 969144bf..4639121b 100644
--- a/docs/adr/001-provisioning.md
+++ b/docs/adr/001-provisioning.md
@@ -143,11 +143,12 @@ spec:
 ```
 
 There are some additional optional fields that could be specified:
-- `spec.shoot.licenceType` ; if not provided `nil` value will be used 
+- `spec.shoot.enforceSeedLocation` ; if not provided `false` value will be used
+- `spec.shoot.licenceType` ; if not provided `nil` value will be used
 - `spec.shoot.kubernetes.version` ; if not provided, the default value will be read by the KIM from the configuration
 - `spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig` ; if not provided, no additional OIDC provider will be configured
+- `spec.shoot.workers.name` ; if not provided, a Gardener default will be used
 - `spec.shoot.workers.machine.image` ; if not provided, the default value will be read by the KIM from the configuration
-- `spec.shoot.workers.name` ; if not provided, a hardcoded name will be used
 - `spec.security.networking.filtering.ingress.enabled` ; if not provided, the `false` value will be used
 
 The following example shows the Runtime CR that must be created to provision a cluster with an additional OIDC provider and to enable ingress network filtering:
@@ -155,17 +156,6 @@ The following example shows the Runtime CR that must be created to provision a c
 apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
 kind: Runtime
 metadata:
-  labels:
-    kyma-project.io/instance-id: instance-id
-    kyma-project.io/runtime-id: runtime-id
-    kyma-project.io/broker-plan-id: plan-id
-    kyma-project.io/broker-plan-name: plan-name
-    kyma-project.io/global-account-id: global-account-id
-    kyma-project.io/subaccount-id: subAccount-id
-    kyma-project.io/shoot-name: shoot-name
-    kyma-project.io/region: region
-    kyma-project.io/platform-region: platform-region
-    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
@@ -180,6 +170,8 @@ spec:
     platformRegion: "cd-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
+    # spec.shoot.enforceSeedLocation is optional ; it allows to make sure the seed cluster will be located in the same region as the shoot cluster
+    enforceSeedLocation: "true"
     kubernetes:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
       # Will be modified by the SRE
@@ -303,16 +295,17 @@ type RuntimeStatus struct {
 }
 
 type RuntimeShoot struct {
-	Name              string                `json:"name"`
-	Purpose           gardener.ShootPurpose `json:"purpose"`
-	PlatformRegion    string                `json:"platformRegion"` 
-	Region            string                `json:"region"`
-	LicenceType       *string               `json:"licenceType,omitempty"`
-	SecretBindingName string                `json:"secretBindingName"`
-	Kubernetes        Kubernetes            `json:"kubernetes"`
-	Provider          Provider              `json:"provider"`
-	Networking        Networking            `json:"networking"`
-	ControlPlane      gardener.ControlPlane `json:"controlPlane"`
+	Name                string                `json:"name"`
+	Purpose             gardener.ShootPurpose `json:"purpose"`
+	PlatformRegion      string                `json:"platformRegion"` 
+	Region              string                `json:"region"`
+	LicenceType         *string               `json:"licenceType,omitempty"`
+	SecretBindingName   string                `json:"secretBindingName"`
+	EnforceSeedLocation *bool                 `json:"enforceSeedLocation,omitempty"`
+	Kubernetes          Kubernetes            `json:"kubernetes"`
+	Provider            Provider              `json:"provider"`
+	Networking          Networking            `json:"networking"`
+	ControlPlane        gardener.ControlPlane `json:"controlPlane"`
 }
 
 type Kubernetes struct {
diff --git a/docs/adr/assets/runtime-examples/aws.yaml b/docs/adr/assets/runtime-examples/aws.yaml
index 4bf62426..9761e722 100644
--- a/docs/adr/assets/runtime-examples/aws.yaml
+++ b/docs/adr/assets/runtime-examples/aws.yaml
@@ -25,6 +25,8 @@ spec:
     platformRegion: "cd-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
+    # spec.shoot.enforceSeedLocation is optional ; it allows to make sure the seed cluster will be located in the same region as the runtime
+    enforceSeedLocation: "true"
     kubernetes:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
       # Will be modified by the SRE
diff --git a/docs/adr/assets/runtime-examples/azure.yaml b/docs/adr/assets/runtime-examples/azure.yaml
index 73a91cbc..e1267448 100644
--- a/docs/adr/assets/runtime-examples/azure.yaml
+++ b/docs/adr/assets/runtime-examples/azure.yaml
@@ -25,6 +25,8 @@ spec:
     platformRegion: "cf-us10"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
+    # spec.shoot.enforceSeedLocation is optional ; it allows to make sure the seed cluster will be located in the same region as the runtime
+    enforceSeedLocation: "true"
     kubernetes:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
       version: "1.28.7"
diff --git a/docs/adr/assets/runtime-examples/gcp.yaml b/docs/adr/assets/runtime-examples/gcp.yaml
index 0d114a25..48b2db7f 100644
--- a/docs/adr/assets/runtime-examples/gcp.yaml
+++ b/docs/adr/assets/runtime-examples/gcp.yaml
@@ -25,6 +25,8 @@ spec:
     platformRegion: "cf-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
+    # spec.shoot.enforceSeedLocation is optional ; it allows to make sure the seed cluster will be located in the same region as the runtime
+    enforceSeedLocation: "true"
     kubernetes:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
       version: "1.28.7"
diff --git a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
index fbaec4ee..9a61e7c2 100644
--- a/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
+++ b/docs/adr/assets/runtime-examples/sap-converged-cloud.yaml
@@ -25,6 +25,8 @@ spec:
     platformRegion: "cf-eu11"
     # spec.shoot.secretBindingName is required
     secretBindingName: "hyperscaler secret"
+    # spec.shoot.enforceSeedLocation is optional ; it allows to make sure the seed cluster will be located in the same region as the runtime
+    enforceSeedLocation: "true"
     kubernetes:
       # spec.shoot.kubernetes.version is optional, when not provided default will be used
       version: "1.28.7"