Merge pull request #58175 from laubai/osdocs-5597-whitelist-sts-urls-prereq

OSDOCS#5597: Added regionalized AWS STS URLs to the allow list for PrivateLink (DRAFT)

Author: stevsmit

modules/osd-aws-privatelink-firewall-prerequisites.adoc

@@ -166,7 +166,11 @@ Alternatively, if you choose to not use a wildcard for Amazon Web Services (AWS)
 
 |`sts.amazonaws.com`
 |443
-|Used to install and manage clusters in an AWS environment.
+|Used to install and manage clusters in an AWS environment, for clusters configured to use the global endpoint for AWS STS.
+
+|`sts.<aws_region>.amazonaws.com`
+|443
+|Used to install and manage clusters in an AWS environment, for clusters configured to use regionalized endpoints for AWS STS. See link:https://docs.aws.amazon.com/sdkref/latest/guide/feature-sts-regionalized-endpoints.html[AWS STS regionalized endpoints] for more information.
 
 |`tagging.us-east-1.amazonaws.com`
 |443

modules/rosa-sts-oidc-provider-command.adoc

@@ -22,7 +22,7 @@ When using `manual` mode, the `aws` command is printed to the terminal for your
 ----
 aws iam create-open-id-connect-provider \
 	--url https://rh-oidc.s3.<aws_region>.amazonaws.com/<cluster_id> \
-	--client-id-list openshift sts.amazonaws.com \
+	--client-id-list openshift sts.<aws_region>.amazonaws.com \
 	--thumbprint-list <thumbprint> <1>
 ----
 <1> The thumbprint is generated automatically when you run the `rosa create oidc-provider` command. For more information about using thumbprints with AWS Identity and Access Management (IAM) OpenID Connect (OIDC) identity providers, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc_verify-thumbprint.html[the AWS documentation].