Merge pull request #43756 from EricPonvelle/OSDOCS-3355_RH_Account_Number-Roles

EricPonvelle · web-flow · commit c2afe571f4cd · 2022-03-30T13:26:49.000-04:00
OSDOCS-3355: Adds RH Account Number to ROSA Roles and Policies
diff --git a/modules/rosa-sts-account-wide-roles-and-policies.adoc b/modules/rosa-sts-account-wide-roles-and-policies.adoc
@@ -9,6 +9,11 @@ This section provides details about the account-wide IAM roles and policies that
 
 The account-wide roles and policies are specific to an OpenShift minor release version, for example OpenShift 4.8, and are backward compatible. You can minimize the required STS resources by reusing the account-wide roles and policies for multiple clusters of the same minor version, regardless of their patch version.
 
+[NOTE]
+====
+The account number present in the `sts_installer_trust_policy.json` and `sts_support_trust_policy.json` samples represents the Red Hat account that is allowed to assume the required roles.
+====
+
 .ROSA installer role, policy, and policy files
 [cols="1,2",options="header"]
 |===
@@ -35,7 +40,7 @@ The account-wide roles and policies are specific to an OpenShift minor release v
             "Effect": "Allow",
             "Principal": {
                 "AWS": [
-                    "arn:aws:iam::%{aws_account_id}:role/RH-Managed-OpenShift-Installer"
+                    "arn:aws:iam::710019948333:role/RH-Managed-OpenShift-Installer"
                 ]
             },
             "Action": [
@@ -419,7 +424,7 @@ The account-wide roles and policies are specific to an OpenShift minor release v
             "Effect": "Allow",
             "Principal": {
                 "AWS": [
-                    "arn:aws:iam::%{aws_account_id}:role/RH-Technical-Support-Access"
+                    "arn:aws:iam::710019948333:role/RH-Technical-Support-Access"
                 ]
             },
             "Action": [
