[OSDOCS-7881]: Unify ccoctl install step order across providers

Author: jeana-redhat

installing/installing_aws/installing-aws-china.adoc

@@ -40,39 +40,6 @@ include::modules/installation-aws-upload-custom-rhcos-ami.adoc[leveloffset=+1]
 
 include::modules/installation-obtaining-installer.adoc[leveloffset=+1]
 
-//Installing the OpenShift CLI by downloading the binary: Moved up to precede `ccoctl` steps, which require the use of `oc`
-include::modules/cli-installing-cli.adoc[leveloffset=+1]
-
-//Supertask: Configuring an AWS cluster to use short-term credentials
-[id="installing-aws-with-short-term-creds_{context}"]
-== Optional: Configuring an AWS cluster to use short-term credentials
-
-To install a cluster that is configured to use the AWS Security Token Service (STS), you must configure the CCO utility and create the required AWS resources for your cluster.
-
-[NOTE]
-====
-To use the AWS STS, you must configure the Cloud Credential Operator (CCO) to run in manual mode. As part of the installation process, you set `credentialsMode` parameter to `Manual` after creating the `install-config.yaml` installation configuration file.
-====
-
-//Task part 1: Configuring the Cloud Credential Operator utility
-include::modules/cco-ccoctl-configuring.adoc[leveloffset=+2]
-
-//Task part 2: Creating the required AWS resources
-[id="sts-mode-create-aws-resources-ccoctl_{context}"]
-=== Creating AWS resources with the Cloud Credential Operator utility
-
-You have the following options when creating AWS resources:
-
-* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-china.adoc#cco-ccoctl-creating-at-once_installing-aws-china-region[Creating AWS resources with a single command].
-
-* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-china.adoc#cco-ccoctl-creating-individually_installing-aws-china-region[Creating AWS resources individually].
-
-//Task part 2a: Creating the required AWS resources all at once
-include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+3]
-
-//Task part 2b: Creating the required AWS resources individually
-include::modules/cco-ccoctl-creating-individually.adoc[leveloffset=+3]
-
 include::modules/installation-initializing-manual.adoc[leveloffset=+1]
 
 [role="_additional-resources"]
@@ -94,21 +61,49 @@ include::modules/installation-configure-proxy.adoc[leveloffset=+2]
 
 include::modules/installation-applying-aws-security-groups.adoc[leveloffset=+2]
 
+//Installing the OpenShift CLI by downloading the binary: Moved up to precede `ccoctl` steps, which require the use of `oc`
+include::modules/cli-installing-cli.adoc[leveloffset=+1]
+
 [id="installing-aws-manual-modes_{context}"]
 == Alternatives to storing administrator-level secrets in the kube-system project
 
 By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives:
 
-* If you configured the CCO utility (`ccoctl`) to implement short-term credentials for individual components, follow the procedure in xref:../../installing/installing_aws/installing-aws-china.adoc#cco-ccoctl-install-creating-manifests_installing-aws-china-region[Incorporating the Cloud Credential Operator utility manifests].
-
-* If you will manage cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-china.adoc#manually-create-iam_installing-aws-china-region[Manually creating long-term credentials].
+* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-china.adoc#manually-create-iam_installing-aws-china-region[Manually creating long-term credentials].
 
-// Additional steps for the Cloud Credential Operator utility (`ccoctl`)
-include::modules/cco-ccoctl-install-creating-manifests.adoc[leveloffset=+2]
+* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_aws/installing-aws-china.adoc#installing-aws-with-short-term-creds_installing-aws-china-region[Configuring an AWS cluster to use short-term credentials].
 
-//Manually creating IAM
+//Manually creating long-term credentials
 include::modules/manually-create-identity-access-management.adoc[leveloffset=+2]
 
+//Supertask: Configuring an AWS cluster to use short-term credentials
+[id="installing-aws-with-short-term-creds_{context}"]
+=== Configuring an AWS cluster to use short-term credentials
+
+To install a cluster that is configured to use the AWS Security Token Service (STS), you must configure the CCO utility and create the required AWS resources for your cluster.
+
+//Task part 1: Configuring the Cloud Credential Operator utility
+include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3]
+
+//Task part 2: Creating the required AWS resources
+[id="sts-mode-create-aws-resources-ccoctl_{context}"]
+==== Creating AWS resources with the Cloud Credential Operator utility
+
+You have the following options when creating AWS resources:
+
+* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-china.adoc#cco-ccoctl-creating-at-once_installing-aws-china-region[Creating AWS resources with a single command].
+
+* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-china.adoc#cco-ccoctl-creating-individually_installing-aws-china-region[Creating AWS resources individually].
+
+//Task part 2a: Creating the required AWS resources all at once
+include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4]
+
+//Task part 2b: Creating the required AWS resources individually
+include::modules/cco-ccoctl-creating-individually.adoc[leveloffset=+4]
+
+//Task part 3: Incorporating the Cloud Credential Operator utility manifests
+include::modules/cco-ccoctl-install-creating-manifests.adoc[leveloffset=+3]
+
 include::modules/installation-launching-installer.adoc[leveloffset=+1]
 
 include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1]

installing/installing_aws/installing-aws-customizations.adoc

@@ -37,39 +37,6 @@ include::modules/installation-aws-marketplace-subscribe.adoc[leveloffset=+1]
 
 include::modules/installation-obtaining-installer.adoc[leveloffset=+1]
 
-//Installing the OpenShift CLI by downloading the binary: Moved up to precede `ccoctl` steps, which require the use of `oc`
-include::modules/cli-installing-cli.adoc[leveloffset=+1]
-
-//Supertask: Configuring an AWS cluster to use short-term credentials
-[id="installing-aws-with-short-term-creds_{context}"]
-== Optional: Configuring an AWS cluster to use short-term credentials
-
-To install a cluster that is configured to use the AWS Security Token Service (STS), you must configure the CCO utility and create the required AWS resources for your cluster.
-
-[NOTE]
-====
-To use the AWS STS, you must configure the Cloud Credential Operator (CCO) to run in manual mode. As part of the installation process, you set `credentialsMode` parameter to `Manual` after creating the `install-config.yaml` installation configuration file.
-====
-
-//Task part 1: Configuring the Cloud Credential Operator utility
-include::modules/cco-ccoctl-configuring.adoc[leveloffset=+2]
-
-//Task part 2: Creating the required AWS resources
-[id="sts-mode-create-aws-resources-ccoctl_{context}"]
-=== Creating AWS resources with the Cloud Credential Operator utility
-
-You have the following options when creating AWS resources:
-
-* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-creating-at-once_installing-aws-customizations[Creating AWS resources with a single command].
-
-* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-creating-individually_installing-aws-customizations[Creating AWS resources individually].
-
-//Task part 2a: Creating the required AWS resources all at once
-include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+3]
-
-//Task part 2b: Creating the required AWS resources individually
-include::modules/cco-ccoctl-creating-individually.adoc[leveloffset=+3]
-
 include::modules/installation-initializing.adoc[leveloffset=+1]
 
 [role="_additional-resources"]
@@ -91,21 +58,49 @@ include::modules/installation-aws-config-yaml.adoc[leveloffset=+2]
 
 include::modules/installation-configure-proxy.adoc[leveloffset=+2]
 
+//Installing the OpenShift CLI by downloading the binary: Moved up to precede `ccoctl` steps, which require the use of `oc`
+include::modules/cli-installing-cli.adoc[leveloffset=+1]
+
 [id="installing-aws-manual-modes_{context}"]
 == Alternatives to storing administrator-level secrets in the kube-system project
 
 By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives:
 
-* If you configured the CCO utility (`ccoctl`) to implement short-term credentials for individual components, follow the procedure in xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-install-creating-manifests_installing-aws-customizations[Incorporating the Cloud Credential Operator utility manifests].
+* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials].
 
-* If you will manage cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials].
+* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-customizations[Configuring an AWS cluster to use short-term credentials].
 
-// Additional steps for the Cloud Credential Operator utility (`ccoctl`)
-include::modules/cco-ccoctl-install-creating-manifests.adoc[leveloffset=+2]
-
-//Manually creating IAM
+//Manually creating long-term credentials
 include::modules/manually-create-identity-access-management.adoc[leveloffset=+2]
 
+//Supertask: Configuring an AWS cluster to use short-term credentials
+[id="installing-aws-with-short-term-creds_{context}"]
+=== Configuring an AWS cluster to use short-term credentials
+
+To install a cluster that is configured to use the AWS Security Token Service (STS), you must configure the CCO utility and create the required AWS resources for your cluster.
+
+//Task part 1: Configuring the Cloud Credential Operator utility
+include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3]
+
+//Task part 2: Creating the required AWS resources
+[id="sts-mode-create-aws-resources-ccoctl_{context}"]
+==== Creating AWS resources with the Cloud Credential Operator utility
+
+You have the following options when creating AWS resources:
+
+* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-creating-at-once_installing-aws-customizations[Creating AWS resources with a single command].
+
+* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-creating-individually_installing-aws-customizations[Creating AWS resources individually].
+
+//Task part 2a: Creating the required AWS resources all at once
+include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4]
+
+//Task part 2b: Creating the required AWS resources individually
+include::modules/cco-ccoctl-creating-individually.adoc[leveloffset=+4]
+
+//Task part 3: Incorporating the Cloud Credential Operator utility manifests
+include::modules/cco-ccoctl-install-creating-manifests.adoc[leveloffset=+3]
+
 include::modules/installation-launching-installer.adoc[leveloffset=+1]
 
 include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1]

installing/installing_aws/installing-aws-government-region.adoc

@@ -41,39 +41,6 @@ include::modules/installation-aws-marketplace-subscribe.adoc[leveloffset=+1]
 
 include::modules/installation-obtaining-installer.adoc[leveloffset=+1]
 
-//Installing the OpenShift CLI by downloading the binary: Moved up to precede `ccoctl` steps, which require the use of `oc`
-include::modules/cli-installing-cli.adoc[leveloffset=+1]
-
-//Supertask: Configuring an AWS cluster to use short-term credentials
-[id="installing-aws-with-short-term-creds_{context}"]
-== Optional: Configuring an AWS cluster to use short-term credentials
-
-To install a cluster that is configured to use the AWS Security Token Service (STS), you must configure the CCO utility and create the required AWS resources for your cluster.
-
-[NOTE]
-====
-To use the AWS STS, you must configure the Cloud Credential Operator (CCO) to run in manual mode. As part of the installation process, you set `credentialsMode` parameter to `Manual` after creating the `install-config.yaml` installation configuration file.
-====
-
-//Task part 1: Configuring the Cloud Credential Operator utility
-include::modules/cco-ccoctl-configuring.adoc[leveloffset=+2]
-
-//Task part 2: Creating the required AWS resources
-[id="sts-mode-create-aws-resources-ccoctl_{context}"]
-=== Creating AWS resources with the Cloud Credential Operator utility
-
-You have the following options when creating AWS resources:
-
-* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-government-region.adoc#cco-ccoctl-creating-at-once_installing-aws-government-region[Creating AWS resources with a single command].
-
-* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-government-region.adoc#cco-ccoctl-creating-individually_installing-aws-government-region[Creating AWS resources individually].
-
-//Task part 2a: Creating the required AWS resources all at once
-include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+3]
-
-//Task part 2b: Creating the required AWS resources individually
-include::modules/cco-ccoctl-creating-individually.adoc[leveloffset=+3]
-
 include::modules/installation-initializing-manual.adoc[leveloffset=+1]
 
 [role="_additional-resources"]
@@ -95,21 +62,49 @@ include::modules/installation-configure-proxy.adoc[leveloffset=+2]
 
 include::modules/installation-applying-aws-security-groups.adoc[leveloffset=+2]
 
+//Installing the OpenShift CLI by downloading the binary: Moved up to precede `ccoctl` steps, which require the use of `oc`
+include::modules/cli-installing-cli.adoc[leveloffset=+1]
+
 [id="installing-aws-manual-modes_{context}"]
 == Alternatives to storing administrator-level secrets in the kube-system project
 
 By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives:
 
-* If you configured the CCO utility (`ccoctl`) to implement short-term credentials for individual components, follow the procedure in xref:../../installing/installing_aws/installing-aws-government-region.adoc#cco-ccoctl-install-creating-manifests_installing-aws-government-region[Incorporating the Cloud Credential Operator utility manifests].
-
-* If you will manage cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-government-region.adoc#manually-create-iam_installing-aws-government-region[Manually creating long-term credentials].
+* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-government-region.adoc#manually-create-iam_installing-aws-government-region[Manually creating long-term credentials].
 
-// Additional steps for the Cloud Credential Operator utility (`ccoctl`)
-include::modules/cco-ccoctl-install-creating-manifests.adoc[leveloffset=+2]
+* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_aws/installing-aws-government-region.adoc#installing-aws-with-short-term-creds_installing-aws-government-region[Incorporating the Cloud Credential Operator utility manifests].
 
-//Manually creating IAM
+//Manually creating long-term credentials
 include::modules/manually-create-identity-access-management.adoc[leveloffset=+2]
 
+//Supertask: Configuring an AWS cluster to use short-term credentials
+[id="installing-aws-with-short-term-creds_{context}"]
+=== Configuring an AWS cluster to use short-term credentials
+
+To install a cluster that is configured to use the AWS Security Token Service (STS), you must configure the CCO utility and create the required AWS resources for your cluster.
+
+//Task part 1: Configuring the Cloud Credential Operator utility
+include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3]
+
+//Task part 2: Creating the required AWS resources
+[id="sts-mode-create-aws-resources-ccoctl_{context}"]
+==== Creating AWS resources with the Cloud Credential Operator utility
+
+You have the following options when creating AWS resources:
+
+* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-government-region.adoc#cco-ccoctl-creating-at-once_installing-aws-government-region[Creating AWS resources with a single command].
+
+* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-government-region.adoc#cco-ccoctl-creating-individually_installing-aws-government-region[Creating AWS resources individually].
+
+//Task part 2a: Creating the required AWS resources all at once
+include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4]
+
+//Task part 2b: Creating the required AWS resources individually
+include::modules/cco-ccoctl-creating-individually.adoc[leveloffset=+4]
+
+//Task part 3: Incorporating the Cloud Credential Operator utility manifests
+include::modules/cco-ccoctl-install-creating-manifests.adoc[leveloffset=+3]
+
 include::modules/installation-launching-installer.adoc[leveloffset=+1]
 
 include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1]