edit

Author: bmcelvee

modules/rosa-roles-and-policies.adoc

@@ -77,17 +77,12 @@ You must attach Operator policies to an Operator IAM role to allow a ROSA cluste
 
 Certain policies are used by the cluster Operator roles, listed below. The Operator roles are created in a second step because they are dependent on an existing cluster name and cannot be created at the same time as the account-wide roles.
 
-* <operator_role_prefix>-openshift-cluster-csi-drivers-ebs-cloud-credentials
-* <operator_role_prefix>-openshift-cloud-network-config-controller-cloud-credentials
-* <operator_role_prefix>-openshift-machine-api-aws-cloud-credentials
-* <operator_role_prefix>-openshift-cloud-credential-operator-cloud-credentials
-* <operator_role_prefix>-openshift-image-registry-installer-cloud-credentials
-* <operator_role_prefix>-openshift-ingress-operator-cloud-credentials
-
-[NOTE]
-====
-Trust policies are created for each account-wide role and each Operator role.
-====
+* `<operator_role_prefix>-openshift-cluster-csi-drivers-ebs-cloud-credentials`
+* `<operator_role_prefix>-openshift-cloud-network-config-controller-cloud-credentials`
+* `<operator_role_prefix>-openshift-machine-api-aws-cloud-credentials`
+* `<operator_role_prefix>-openshift-cloud-credential-operator-cloud-credentials`
+* `<operator_role_prefix>-openshift-image-registry-installer-cloud-credentials`
+* `<operator_role_prefix>-openshift-ingress-operator-cloud-credentials`
 
 For the full `JSON` information for the AWS managed policies, see the link:https://docs.aws.amazon.com/aws-managed-policy/latest/reference/about-managed-policy-reference.html[AWS Managed Policy Reference guide]. 
 
@@ -144,5 +139,30 @@ ifdef::openshift-rosa[]
 |===
 
 For the full `JSON` information for the following policies, see the link:https://docs.aws.amazon.com/rosa/latest/userguide/security-iam-rosa-classic-account-policies.html#security-iam-id-based-policy-examples-rosa-classic-support-policy[AWS _ROSA classic account policies_ documentation].
+
+[id="account-wide-roles"]
+== Account-wide roles
+
+* `ManagedOpenShift-Installer-Role`
+* `ManagedOpenShift-ControlPlane-Role`
+* `ManagedOpenShift-Worker-Role`
+* `ManagedOpenShift-Support-Role`
+
+
+[id="operator-roles"]
+== Operator roles
+
+Certain policies are used by the cluster Operator roles, listed below. The Operator roles are created in a second step because they are dependent on an existing cluster name and cannot be created at the same time as the account-wide roles.
+
+* `<cluster-name\>-xxxx-openshift-cluster-csi-drivers-ebs-cloud-credent`
+* `<cluster-name\>-xxxx-openshift-cloud-network-config-controller-cloud`
+* `<cluster-name\>-xxxx-openshift-machine-api-aws-cloud-credentials`
+* `<cluster-name\>-xxxx-openshift-cloud-credential-operator-cloud-crede`
+* `<cluster-name\>-xxxx-openshift-image-registry-installer-cloud-creden`
+* `<cluster-name\>-xxxx-openshift-ingress-operator-cloud-credentials`
 endif::openshift-rosa[]
 
+[NOTE]
+====
+Trust policies are created for each account-wide role and each Operator role.
+====

welcome/cloud-experts-rosa-hcp-sts-explained.adoc

@@ -61,7 +61,7 @@ endif::openshift-rosa-hcp[]
 +
 [NOTE]
 ====
-See xref://authentication/rosa-aws-managed-policy-reference.adoc#rosa-roles-and-policies_rosa-aws-managed-policy-reference[AWS managed policies and roles] for a comprehensive view of the AWS managed policies.
+See xref:../authentication/rosa-aws-managed-policy-reference.adoc#rosa-roles-and-policies_rosa-aws-managed-policy-reference[AWS managed policies and roles] for a comprehensive view of the AWS managed policies.
 ====
 +
 *** link:https://docs.aws.amazon.com/aws-managed-policy/latest/reference/ROSAInstallerPolicy.html[ROSAInstallerPolicy]