Repaired a misconfigured link for HCP

_topic_maps/_topic_map_rosa.yml

@@ -233,9 +233,16 @@ Topics:
 - Name: Prerequisites checklist for deploying ROSA using STS
   File: rosa-cloud-expert-prereq-checklist
 - Name: Detailed requirements for deploying ROSA using STS
-  File: rosa-sts-aws-prereqs
-- Name: ROSA IAM role resources
+  File: rosa-classic-aws-prereqs
+- Name: Detailed requirements for deploying ROSA with HCP
+  File: rosa-hcp-aws-prereqs
+# Hiding this entry until the HCP migration is completed
+# - Name: Detailed requirements for deploying ROSA using STS
+#   File: rosa-sts-aws-prereqs
+- Name: ROSA Classic IAM role resources
   File: rosa-sts-ocm-role
+- Name: ROSA with HCP IAM roles and resources
+  File: rosa-hcp-prepare-iam-roles-resources
 ##### NOTE: THE BELOW IS REMOVED AS PART OF OSDOCS-13310
 # - Name: Limits and scalability
 #   File: rosa-limits-scalability

_topic_maps/_topic_map_rosa_hcp.yml

@@ -164,7 +164,10 @@ Topics:
 - Name: Prerequisites checklist for deploying ROSA with HCP
   File: rosa-cloud-expert-prereq-checklist
 - Name: Detailed requirements for deploying ROSA with HCP
-  File: rosa-sts-aws-prereqs
+  File: rosa-hcp-aws-prereqs
+# Hiding this entry until the HCP migration is completed
+# - Name: Detailed requirements for deploying ROSA with HCP
+#   File: rosa-sts-aws-prereqs
 - Name: Required IAM roles and resources
   File: rosa-hcp-prepare-iam-roles-resources
 ##### NOTE: THE BELOW IS REMOVED AS PART OF OSDOCS-13310

cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-deploying/cloud-experts-getting-started-detailed-cli-guide.adoc

@@ -142,7 +142,9 @@ The default settings are as follows:
 ** 2 infrastructure nodes
 ** 2 worker nodes
 ** No autoscaling
-** See the documentation on xref:../../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-ec2-instances_rosa-sts-aws-prereqs[ec2 instances] for more details.  
+** See the documentation on xref:../../../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-ec2-instances_rosa-classic-aws-prereqs[ec2 instances] for more details. 
+// This link needs to remain hidden until the HCP migration is published
+// ** See the documentation on xref:../../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-ec2-instances_rosa-sts-aws-prereqs[ec2 instances] for more details.  
 * Region: As configured for the `aws` CLI
 * Networking IP ranges:
 ** Machine CIDR: 10.0.0.0/16

cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-deploying/cloud-experts-getting-started-hcp.adoc

@@ -152,7 +152,9 @@ echo "export PRIVATE_SUBNET_ID=$PRIVATE_SUBNET_ID"
 +
 [role="_additional-resources"]
 .Additional resources
-* For more about VPC requirements, see the xref:../../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-vpc_rosa-sts-aws-prereqs[VPC documentation].
+* For more about VPC requirements, see the xref:../../../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-vpc_rosa-classic-aws-prereqs[VPC documentation].
+// This link needs to remain hidden until the HCP migration is published
+// * For more about VPC requirements, see the xref:../../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-vpc_rosa-sts-aws-prereqs[VPC documentation].
 
 . The script outputs commands. Set the commands as environment variables to store the subnet IDs for later use. Copy and run the commands:
 +

cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-what-is-rosa.adoc

@@ -134,7 +134,9 @@ etcd encryption is configured the same as in OpenShift Container Platform. The a
 Currently, the ROSA CLI does not accept multi-region KMS keys for EBS encryption. This feature is in our backlog for product updates. The ROSA CLI accepts single region KMS keys for EBS encryption if it is defined at cluster creation.
 
 == Infrastructure
-ROSA uses several different cloud services such as virtual machines, storage, and load balancers. You can see a defined list in the xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-aws-policy-provisioned_rosa-sts-aws-prereqs[AWS prerequisites].
+ROSA uses several different cloud services such as virtual machines, storage, and load balancers. You can see a defined list in the xref:../../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-aws-policy-provisioned_rosa-classic-aws-prereqs[AWS prerequisites].
+// This section needs to remain hidden until the HCP migration is published
+// ROSA uses several different cloud services such as virtual machines, storage, and load balancers. You can see a defined list in the xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-aws-policy-provisioned_rosa-sts-aws-prereqs[AWS prerequisites].
 
 == Credential methods
 There are two credential methods to grant Red{nbsp}Hat the permissions needed to perform the required actions in your AWS account: AWS with STS or an IAM user with admin permissions. AWS with STS is the preferred method, and the IAM user method will eventually be deprecated. AWS with STS better aligns with the principles of least privilege and secure practices in cloud service resource management.

cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-rosa-sts-explained.adoc

@@ -61,7 +61,9 @@ STS roles and policies must be created for each ROSA cluster. To make this easie
 
 [id="components-specific-to-rosa-with-sts"]
 == Components specific to ROSA with STS
-* *AWS infrastructure* - This provides the infrastructure required for the cluster. It contains the actual EC2 instances, storage, and networking components. See xref:../../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-aws-compute-types_rosa-service-definition[AWS compute types] to see supported instance types for compute nodes and xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-ec2-instances_rosa-sts-aws-prereqs[provisioned AWS infrastructure] for control plane and infrastructure node configuration.
+* *AWS infrastructure* - This provides the infrastructure required for the cluster. It contains the actual EC2 instances, storage, and networking components. See xref:../../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-aws-compute-types_rosa-service-definition[AWS compute types] to see supported instance types for compute nodes and xref:../../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-ec2-instances_rosa-classic-aws-prereqs[provisioned AWS infrastructure] for control plane and infrastructure node configuration.
+// This section needs to remain hidden until the HCP migration is done
+// * *AWS infrastructure* - This provides the infrastructure required for the cluster. It contains the actual EC2 instances, storage, and networking components. See xref:../../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-aws-compute-types_rosa-service-definition[AWS compute types] to see supported instance types for compute nodes and xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-ec2-instances_rosa-sts-aws-prereqs[provisioned AWS infrastructure] for control plane and infrastructure node configuration.
 * *AWS STS* - See the credential method section above.
 * *OpenID Connect (OIDC)* - This provides a mechanism for cluster Operators to authenticate with AWS, assume the cluster roles through a trust policy, and obtain temporary credentials from STS to make the required API calls.
 * *Roles and policies* - The roles and policies are one of the main differences between ROSA with STS and ROSA with IAM Users. For ROSA with STS, the roles and policies used by ROSA are broken into account-wide roles and policies and Operator roles and policies.

modules/rosa-prereq-roles-overview.adoc

@@ -3,7 +3,7 @@
 // * rosa_planning/rosa-hcp-prepare-iam-roles-resources.adoc
 
 :_mod-docs-content-type: MODULE
-[id="rosa-prereq-roles-overview"]
+[id="rosa-prereq-roles-overview_{context}"]
 = Overview of required roles
 
 To create and manage your 

networking/network_security/network-verification.adoc

@@ -41,7 +41,9 @@ ifdef::openshift-dedicated[]
 * Egress is available to the required domain and port combinations that are specified in the xref:../../osd_planning/aws-ccs.adoc#osd-aws-privatelink-firewall-prerequisites_aws-ccs[AWS firewall prerequisites] section.
 endif::openshift-dedicated[]
 ifdef::openshift-rosa[]
-* Egress is available to the required domain and port combinations that are specified in the xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[AWS firewall prerequisites] section.
+* Egress is available to the required domain and port combinations that are specified in the xref:../../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-classic-aws-prereqs[AWS firewall prerequisites] section.
+// This link needs to reamin hidden until the HCP migration is published
+// * Egress is available to the required domain and port combinations that are specified in the xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[AWS firewall prerequisites] section.
 endif::openshift-rosa[]
 
 include::modules/automatic-network-verification-bypassing.adoc[leveloffset=+1]

networking/ovn_kubernetes_network_provider/configuring-cluster-wide-proxy.adoc

@@ -33,7 +33,9 @@ include::modules/cluster-wide-proxy-preqs.adoc[leveloffset=+1]
 .Additional resources
 
 ifdef::openshift-rosa[]
-* For the installation prerequisites for ROSA clusters that use the AWS Security Token Service (STS), see xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prerequisites[AWS prerequisites for ROSA with STS].
+* For the installation prerequisites for ROSA clusters that use the AWS Security Token Service (STS), see xref:../../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-aws-prerequisites[AWS prerequisites for ROSA with STS].
+// This section needs to remain hidden until the HCP migration is completed
+// * For the installation prerequisites for ROSA clusters that use the AWS Security Token Service (STS), see xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prerequisites[AWS prerequisites for ROSA with STS].
 * For the installation prerequisites for ROSA clusters that do not use STS, see xref:../../rosa_install_access_delete_clusters/rosa_getting_started_iam/rosa-aws-prereqs.adoc#prerequisites[AWS prerequisites for ROSA].
 endif::openshift-rosa[]
 ifdef::openshift-dedicated[]

rosa_architecture/cloud-experts-rosa-hcp-sts-explained.adoc

@@ -37,7 +37,9 @@ Security features for AWS STS include:
 
 [id="components-specific-to-rosa-hcp-with-sts"]
 == Components of {hcp-title}
-* *AWS infrastructure* - The infrastructure required for the cluster including the Amazon EC2 instances, Amazon EBS storage, and networking components. See xref:../rosa_architecture/rosa_policy_service_definition/rosa-hcp-service-definition.adoc#rosa-sdpolicy-instance-types_rosa-hcp-service-definition[AWS compute types] to see the supported instance types for compute nodes and xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-ec2-instances_rosa-sts-aws-prereqs[provisioned AWS infrastructure] for more information on cloud resource configuration.
+* *AWS infrastructure* - The infrastructure required for the cluster including the Amazon EC2 instances, Amazon EBS storage, and networking components. See xref:../rosa_architecture/rosa_policy_service_definition/rosa-hcp-service-definition.adoc#rosa-sdpolicy-instance-types_rosa-hcp-service-definition[AWS compute types] to see the supported instance types for compute nodes and xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-ec2-instances_rosa-hcp-aws-prereqs[provisioned AWS infrastructure] for more information on cloud resource configuration.
+// This link remains hidden until the migration is completed 
+//* *AWS infrastructure* - The infrastructure required for the cluster including the Amazon EC2 instances, Amazon EBS storage, and networking components. See xref:../rosa_architecture/rosa_policy_service_definition/rosa-hcp-service-definition.adoc#rosa-sdpolicy-instance-types_rosa-hcp-service-definition[AWS compute types] to see the supported instance types for compute nodes and xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-ec2-instances_rosa-sts-aws-prereqs[provisioned AWS infrastructure] for more information on cloud resource configuration.
 * *AWS STS* - A method for granting short-term, dynamic tokens to provide users the necessary permissions to temporarily interact with your AWS account resources.
 * *OpenID Connect (OIDC)* - A mechanism for cluster Operators to authenticate with AWS, assume the cluster roles through a trust policy, and obtain temporary credentials from AWS IAM STS to make the required API calls.
 * *Roles and policies* - The roles and policies used by {hcp-title} can be divided into account-wide roles and policies and Operator roles and policies.

rosa_architecture/rosa-sts-about-iam-resources.adoc

@@ -61,7 +61,9 @@ endif::openshift-rosa-hcp[]
 
 If you create ROSA clusters by using {cluster-manager-url}, you must have the following AWS IAM roles linked to your AWS account to create and manage the clusters.
 ifndef::openshift-rosa-hcp[]
-For more information about linking your IAM roles to your AWS account, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-associating-account_rosa-sts-aws-prereqs[Associating your AWS account].
+ For more information about linking your IAM roles to your AWS account, see xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-associating-account_rosa-classic-aws-prereqs[Associating your AWS account].
+// This section needs to remain hidden until the migration is completed
+// For more information about linking your IAM roles to your AWS account, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-associating-account_rosa-sts-aws-prereqs[Associating your AWS account].
 endif::openshift-rosa-hcp[]
 
 These AWS IAM roles are as follows:
@@ -87,7 +89,9 @@ include::modules/rosa-sts-ocm-role-creation.adoc[leveloffset=+2]
 
 AWS IAM roles link to your AWS account to create and manage the clusters.
 ifndef::openshift-rosa-hcp[]
-For more information about linking your IAM roles to your AWS account, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-associating-account_rosa-sts-aws-prereqs[Associating your AWS account].
+For more information about linking your IAM roles to your AWS account, see xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-associating-account_rosa-classic-aws-prereqs[Associating your AWS account].
+// This section needs to remain hidden until the migration is completed
+// For more information about linking your IAM roles to your AWS account, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-associating-account_rosa-sts-aws-prereqs[Associating your AWS account].
 endif::openshift-rosa-hcp[]
 
 [role="_additional-resources"]

rosa_architecture/rosa_policy_service_definition/rosa-policy-responsibility-matrix.adoc

@@ -13,7 +13,9 @@ include::modules/rosa-policy-responsibilities.adoc[leveloffset=+1]
 [role="_additional-resources"]
 .Additional resources
 ifdef::openshift-rosa[]
-* xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites for ROSA (classic architecture) clusters using STS]
+* xref:../../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-classic-aws-prereqs[Firewall prerequisites for ROSA (classic architecture) clusters using STS]
+// This link must remain hidden and changed until the migration is completed
+// * xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites for ROSA (classic architecture) clusters using STS]
 endif::openshift-rosa[]
 ifdef::openshift-dedicated[]
 * xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#osd-aws-privatelink-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites]
@@ -43,11 +45,18 @@ include::modules/rosa-policy-change-management.adoc[leveloffset=+1]
 [role="_additional-resources"]
 .Additional resources
 ifdef::openshift-rosa-hcp[]
-* xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites for {hcp-title}]
+* xref:../../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-hcp-aws-prereqs[Firewall prerequisites for {hcp-title}]
 endif::openshift-rosa-hcp[]
 ifdef::openshift-rosa[]
-* xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites for ROSA (classic architecture) clusters using STS]
+* xref:../../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-classic-aws-prereqs[Firewall prerequisites for ROSA (classic architecture) clusters using STS]
 endif::openshift-rosa[]
+// These links need to remain hidden until HCP is published
+// ifdef::openshift-rosa-hcp[]
+// * xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites for {hcp-title}]
+// endif::openshift-rosa-hcp[]
+// ifdef::openshift-rosa[]
+// * xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites for ROSA (classic architecture) clusters using STS]
+// endif::openshift-rosa[]
 ifdef::openshift-dedicated[]
 * xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#osd-aws-privatelink-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites]
 endif::openshift-dedicated[]

rosa_cluster_admin/rosa-cluster-notifications.adoc

@@ -62,7 +62,9 @@ include::modules/managed-cluster-remove-notification-contacts.adoc[leveloffset=+
 ifndef::openshift-rosa-hcp[]
 * Ensure that your firewall is configured according to the documented prerequisites:
 ifdef::openshift-rosa[]
-** xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites for ROSA (classic architecture) clusters using STS]
+** xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-classic-aws-prereqs[Firewall prerequisites for ROSA (classic architecture) clusters using STS]
+// This link needs to remain hidden until the HCP migration is published
+// ** xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites for ROSA (classic architecture) clusters using STS]
 endif::openshift-rosa[]
 ifdef::openshift-dedicated[]
 ** xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#osd-aws-privatelink-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites]

rosa_getting_started/rosa-getting-started.adoc

@@ -24,7 +24,9 @@ You can create a ROSA cluster either with or without the AWS Security Token Serv
 // Removed as part of OSDOCS-13310, until figures are verified.
 //xref:../rosa_planning/rosa-limits-scalability.adoc#rosa-limits-scalability[limits and scalability] and 
 
-* You have reviewed the detailed xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS].
+* You have reviewed the detailed xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-aws-prereqs[AWS prerequisites for ROSA with STS].
+// This link must remain hidden until HCP is published
+// * You have reviewed the detailed xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS].
 
 * You have the xref:../rosa_planning/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[AWS service quotas that are required to run a ROSA cluster].
 
@@ -88,7 +90,9 @@ include::modules/rosa-getting-started-deleting-a-cluster.adoc[leveloffset=+1]
 [id="additional-resources_{context}"]
 == Additional resources
 
-* For more information about setting up accounts and ROSA clusters using AWS STS, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-overview-of-the-deployment-workflow[Understanding the ROSA with STS deployment workflow]
+* For more information about setting up accounts and ROSA clusters using AWS STS, see xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-sts-overview-of-the-deployment-workflow[Understanding the ROSA with STS deployment workflow]
+// This link needs to remain hidden until HCP migration is published
+// * For more information about setting up accounts and ROSA clusters using AWS STS, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-overview-of-the-deployment-workflow[Understanding the ROSA with STS deployment workflow]
 
 * For more information about setting up accounts and ROSA clusters without using AWS STS, see xref:../rosa_install_access_delete_clusters/rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow]
 

rosa_getting_started/rosa-quickstart-guide-ui.adoc

@@ -26,7 +26,9 @@ image::291_OpenShift_on_AWS_Intro_1122_docs.png[{product-title}]
 // Removed as part of OSDOCS-13310, until figures are verified.
 // xref:../rosa_planning/rosa-limits-scalability.adoc#rosa-limits-scalability[limits and scalability] and 
 
-* You have reviewed the detailed xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS].
+* You have reviewed the detailed xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-aws-prereqs[AWS prerequisites for ROSA with STS].
+// This link is hidden until HCP migration is published
+// * You have reviewed the detailed xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS].
 
 * You have the xref:../rosa_planning/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[AWS service quotas that are required to run a ROSA cluster].
 
@@ -163,7 +165,9 @@ include::modules/rosa-getting-started-deleting-a-cluster.adoc[leveloffset=+1]
 [id="additional-resources_{context}"]
 == Additional resources
 
-* For more information about setting up accounts and ROSA clusters using AWS STS, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-overview-of-the-deployment-workflow[Understanding the ROSA with STS deployment workflow].
+* For more information about setting up accounts and ROSA clusters using AWS STS, see xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-sts-overview-of-the-deployment-workflow[Understanding the ROSA with STS deployment workflow].
+// This link is hidden until HCP migration is published
+// * For more information about setting up accounts and ROSA clusters using AWS STS, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-overview-of-the-deployment-workflow[Understanding the ROSA with STS deployment workflow].
 
 * For more information about setting up accounts and ROSA clusters without using AWS STS, see xref:../rosa_install_access_delete_clusters/rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow].
 

rosa_getting_started/rosa-sts-getting-started-workflow.adoc

@@ -17,7 +17,9 @@ The AWS Security Token Service (STS) is a global web service that provides short
 
 You can follow the workflow stages outlined in this section to set up and access a ROSA cluster that uses STS.
 
-. xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[Complete the AWS prerequisites for ROSA with STS]. To deploy a ROSA cluster with STS, your AWS account must meet the prerequisite requirements.
+. xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-aws-prereqs[Complete the AWS prerequisites for ROSA with STS]. To deploy a ROSA cluster with STS, your AWS account must meet the prerequisite requirements.
+// This link needs to remain hidden until HCP is published
+// . xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[Complete the AWS prerequisites for ROSA with STS]. To deploy a ROSA cluster with STS, your AWS account must meet the prerequisite requirements.
 . xref:../rosa_planning/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Review the required AWS service quotas]. To prepare for your cluster deployment, review the AWS service quotas that are required to run a ROSA cluster.
 . xref:../rosa_planning/rosa-sts-setting-up-environment.adoc#rosa-sts-setting-up-environment[Set up the environment and install ROSA using STS]. Before you create a ROSA with STS cluster, you must enable ROSA in your AWS account, install and configure the required CLI tools, and verify the configuration of the CLI tools. You must also verify that the AWS Elastic Load Balancing (ELB) service role exists and that the required AWS resource quotas are available.
 . xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Create a ROSA cluster with STS quickly] or xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[create a cluster using customizations]. Use the ROSA CLI (`rosa`) or {cluster-manager-first} to create a cluster with STS. You can create a cluster quickly by using the default options, or you can apply customizations to suit the needs of your organization.

rosa_hcp/rosa-hcp-aws-private-creating-cluster.adoc

@@ -26,7 +26,9 @@ xref:../rosa_install_access_delete_clusters/rosa-sts-config-identity-providers.a
 [id="additional-resources_rosa-hcp-aws-privatelink-creating-cluster"]
 == Additional resources
 
-* xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-sts-aws-prereqs[AWS PrivateLink firewall prerequisites]
+* xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-hcp-aws-prereqs[AWS PrivateLink firewall prerequisites]
+// This link must remain hidden until the HCP migration is completed
+// * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-sts-aws-prereqs[AWS PrivateLink firewall prerequisites]
 * xref:../rosa_getting_started/rosa-sts-getting-started-workflow.adoc#rosa-sts-overview-of-the-deployment-workflow[Overview of the ROSA with STS deployment workflow]
 * xref:../rosa_install_access_delete_clusters/rosa-sts-deleting-cluster.adoc#rosa-sts-deleting-cluster[Deleting a ROSA cluster]
 * xref:../architecture/rosa-architecture-models.adoc#rosa-architecture-models[ROSA architecture models]

rosa_hcp/rosa-hcp-cluster-no-cni.adoc

@@ -29,7 +29,9 @@ If you choose to use your own CNI for {rosa-short} clusters, it is strongly reco
 == Creating a {rosa-short} cluster without a CNI plugin
 
 === Prerequisites
-* Ensure that you have completed the xref:../rosa_planning/rosa-sts-aws-prereqs.adoc[AWS prerequisites].
+* Ensure that you have completed the xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-hcp-aws-prereqs[AWS prerequisites].
+// This link needs to remain hidden until HCP is published
+// * Ensure that you have completed the xref:../rosa_planning/rosa-sts-aws-prereqs.adoc[AWS prerequisites].
 
 * Ensure that you have a configured xref:../rosa_hcp/rosa-hcp-sts-creating-a-cluster-quickly.adoc#rosa-hcp-creating-vpc[virtual private cloud] (VPC).
 

rosa_hcp/rosa-hcp-creating-cluster-with-aws-kms-key.adoc

@@ -95,7 +95,9 @@ ifndef::openshift-rosa-hcp[]
 * xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-cluster-using-customizations_rosa-sts-creating-a-cluster-with-customizations[Creating a cluster using customizations]
 * xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-about-iam-resources[About IAM resources for clusters that use STS]
 * xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-about-operator-role-prefixes_rosa-sts-about-iam-resources[About custom Operator IAM role prefixes]
-* xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS]
+* xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-hcp-aws-prereqs[AWS prerequisites for ROSA with STS]
+// This link needs to be hidden until HCP migration is published
+// * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS]]
 * xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-understanding-deployment-modes_rosa-sts-creating-a-cluster-with-customizations[Understanding the auto and manual deployment modes]
 * link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html[Creating OpenID Connect (OIDC) identity providers]
 * xref:../support/troubleshooting/rosa-troubleshooting-installations-hcp.adoc#rosa-troubleshooting-installations-hcp[Troubleshooting ROSA with HCP cluster installations]

rosa_hcp/rosa-hcp-sts-creating-a-cluster-ext-auth.adoc

@@ -36,7 +36,9 @@ endif::openshift-rosa-hcp[]
 To create a {rosa-short} cluster, you must have completed the following steps:
 
 ifndef::openshift-rosa-hcp[]
-* Completed the xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites]
+* Completed the xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-hcp-aws-prereqs[AWS prerequisites]
+// This link must remain hidden until HCP migration is published
+// * Completed the xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites]
 endif::openshift-rosa-hcp[]
 * xref:../rosa_hcp/rosa-hcp-sts-creating-a-cluster-quickly.adoc#rosa-hcp-creating-vpc[Configured virtual private cloud (VPC)]
 * Created xref:../rosa_hcp/rosa-hcp-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-account-wide-sts-roles-and-policies_rosa-hcp-sts-creating-a-cluster-quickly[Account-wide roles]
@@ -83,7 +85,9 @@ include::modules/rosa-hcp-sts-creating-a-cluster-external-auth-provider-delete-c
 
 // * To learn more about the default CIDR ranges for {product-title}, see xref:#../networking/cidr-range-definitions.adoc#cidr-range-definitions[CIDR range definitions].
 * xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-about-operator-role-prefixes_rosa-sts-about-iam-resources[About custom Operator IAM role prefixes]
-* xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS]
+* xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-hcp-aws-prereqs[AWS prerequisites for ROSA with STS]
+// This link needs to be hidden until HCP migration is published
+// * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS]]
 * xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-understanding-deployment-modes_rosa-sts-creating-a-cluster-with-customizations[Understanding the auto and manual deployment modes]
 * link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html[Creating OpenID Connect (OIDC) identity providers] in the AWS documentation.
 * xref:../support/troubleshooting/rosa-troubleshooting-installations-hcp.adoc#rosa-troubleshooting-installations-hcp[Troubleshooting ROSA with HCP cluster installations]

rosa_hcp/rosa-hcp-sts-creating-a-cluster-quickly.adoc

@@ -52,7 +52,9 @@ Alternatively, you can use `manual` mode, which outputs the `aws` commands neede
 .Next steps
 
 ifndef::openshift-rosa-hcp[]
-* Ensure that you have completed the xref:../rosa_planning/rosa-sts-aws-prereqs.adoc[AWS prerequisites].
+* Ensure that you have completed the xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-aws-prereqs[AWS prerequisites].
+// This link must remain hidden until HCP migration is published
+// * Ensure that you have completed the xref:../rosa_planning/rosa-sts-aws-prereqs.adoc[AWS prerequisites].
 endif::openshift-rosa-hcp[]
 
 include::modules/rosa-sts-overview-of-the-default-cluster-specifications.adoc[leveloffset=+1]
@@ -148,7 +150,9 @@ ifndef::openshift-rosa-hcp[]
 * xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-about-iam-resources[About IAM resources for clusters that use STS]
 * xref:../rosa_install_access_delete_clusters/rosa_getting_started_iam/rosa-aws-prereqs.adoc#rosa-security-groups_prerequisites[Additional custom security groups]
 * xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-about-operator-role-prefixes_rosa-sts-about-iam-resources[About custom Operator IAM role prefixes]
-* xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS]
+* xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-hcp-aws-prereqs[AWS prerequisites for ROSA with STS]
+// This link needs to be hidden until HCP migration is published
+// * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS]
 * xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-understanding-deployment-modes_rosa-sts-creating-a-cluster-with-customizations[Understanding the auto and manual deployment modes]
 * link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html[Creating OpenID Connect (OIDC) identity providers]
 * xref:../support/troubleshooting/rosa-troubleshooting-installations-hcp.adoc#rosa-troubleshooting-installations-hcp[Troubleshooting ROSA with HCP installations]

rosa_install_access_delete_clusters/rosa-aws-privatelink-creating-cluster.adoc

@@ -21,11 +21,18 @@ include::modules/osd-aws-privatelink-config-dns-forwarding.adoc[leveloffset=+1]
 == Additional resources
 
 ifdef::openshift-rosa-hcp[]
-* xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites for {hcp-title}]
+* xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-hcp-aws-prereqs[Firewall prerequisites for {hcp-title}]
 endif::openshift-rosa-hcp[]
 ifdef::openshift-rosa[]
-* xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites for ROSA (classic architecture) clusters using STS]
+* xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-classic-aws-prereqs[Firewall prerequisites for ROSA (classic architecture) clusters using STS]
 endif::openshift-rosa[]
+// These links must remain hidden until HCP is migrated
+// ifdef::openshift-rosa-hcp[]
+// * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites for {hcp-title}]
+// endif::openshift-rosa-hcp[]
+// ifdef::openshift-rosa[]
+// * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites for ROSA (classic architecture) clusters using STS]
+// endif::openshift-rosa[]
 ifdef::openshift-dedicated[]
 * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#osd-aws-privatelink-firewall-prerequisites_rosa-sts-aws-prereqs[Firewall prerequisites]
 endif::openshift-dedicated[]

rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.adoc

@@ -20,7 +20,9 @@ Alternatively, you can use `manual` mode, which outputs the `aws` commands neede
 [id="next-steps_{context}"]
 .Next steps
 
-* Ensure that you have completed the xref:../rosa_planning/rosa-sts-aws-prereqs.adoc[AWS prerequisites].
+* Ensure that you have completed the xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-aws-prereqs[AWS prerequisites].
+// This link must remain hidden until the HCP migration is completed
+// * Ensure that you have completed the xref:../rosa_planning/rosa-sts-aws-prereqs.adoc[AWS prerequisites].
 include::snippets/oidc-cloudfront.adoc[]
 include::modules/rosa-sts-overview-of-the-default-cluster-specifications.adoc[leveloffset=+1]
 include::modules/rosa-sts-understanding-aws-account-association.adoc[leveloffset=+1]
@@ -71,7 +73,9 @@ include::modules/rosa-sts-creating-a-cluster-quickly-cli.adoc[leveloffset=+1]
 * For steps to deploy a ROSA cluster using manual mode, see xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-cluster-using-customizations_rosa-sts-creating-a-cluster-with-customizations[Creating a cluster using customizations].
 * For more information about the AWS Identity Access Management (IAM) resources required to deploy {product-title} with STS, see xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-about-iam-resources[About IAM resources for clusters that use STS].
 * For details about optionally setting an Operator role name prefix, see xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-about-operator-role-prefixes_rosa-sts-about-iam-resources[About custom Operator IAM role prefixes].
-* For information about the prerequisites to installing ROSA with STS, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS].
+* For information about the prerequisites to installing ROSA with STS, see xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-aws-prereqs[AWS prerequisites for ROSA with STS].
+// This link needs to remain hidden until the HCP migration is completed
+// * For information about the prerequisites to installing ROSA with STS, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS].
 * For details about using the `auto` and `manual` modes to create the required STS resources, see xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-understanding-deployment-modes_rosa-sts-creating-a-cluster-with-customizations[Understanding the auto and manual deployment modes].
 * For more information about using OpenID Connect (OIDC) identity providers in AWS IAM, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html[Creating OpenID Connect (OIDC) identity providers] in the AWS documentation.
 * For more information about troubleshooting ROSA cluster installations, see xref:../support/troubleshooting/rosa-troubleshooting-installations.adoc#rosa-troubleshooting-installations[Troubleshooting installations].

rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc

@@ -78,7 +78,9 @@ include::modules/rosa-sts-creating-a-cluster-with-customizations-cli.adoc[levelo
 * For more information about the AWS Identity Access Management (IAM) resources required to deploy {product-title} with STS, see xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-about-iam-resources[About IAM resources for clusters that use STS].
 * For details about optionally setting an Operator role name prefix, see xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-about-operator-role-prefixes_rosa-sts-about-iam-resources[About custom Operator IAM role prefixes].
 * For an overview of the options that are presented when you create the AWS IAM resources and clusters by using interactive mode, see xref:../rosa_install_access_delete_clusters/rosa-sts-interactive-mode-reference.adoc#rosa-sts-interactive-mode-reference[Interactive cluster creation mode reference].
-* For information about the prerequisites to installing ROSA with STS, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS].
+* For information about the prerequisites to installing ROSA with STS, see xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-aws-prereqs[AWS prerequisites for ROSA with STS].
+// This link needs to remain hidden until the HCP migration is completed
+// * For information about the prerequisites to installing ROSA with STS, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS].
 * For more information about using OpenID Connect (OIDC) identity providers in AWS IAM, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html[Creating OpenID Connect (OIDC) identity providers] in the AWS documentation.
 * For more information about etcd encryption, see the xref:../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-etcd-encryption_rosa-service-definition[etcd encryption service definition].
 * For information about configuring a proxy with ROSA, see xref:../networking/ovn_kubernetes_network_provider/configuring-cluster-wide-proxy.adoc#configuring-a-cluster-wide-proxy[Configuring a cluster-wide proxy].

rosa_install_access_delete_clusters/rosa-sts-interactive-mode-reference.adoc

@@ -20,4 +20,6 @@ include::modules/rosa-sts-interactive-cluster-creation-mode-options.adoc[levelof
 * For detailed steps to quickly create a ROSA cluster with STS, including the AWS IAM resources, see xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Creating a ROSA cluster with STS using the default options].
 * For detailed steps to create a ROSA cluster with STS using customizations, including the AWS IAM resources, see xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[Creating a ROSA cluster with STS using customizations].
 * For more information about etcd encryption, see the xref:../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-etcd-encryption_rosa-service-definition[etcd encryption service definition].
-* For an example VPC architecture, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-vpc_rosa-sts-aws-prereqs[this sample VPC architecture].
+* For an example VPC architecture, see xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-vpc_rosa-classic-aws-prereqs[this sample VPC architecture].
+// This link must remain hidden until the HCP migration is completed
+// * For an example VPC architecture, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-vpc_rosa-sts-aws-prereqs[this sample VPC architecture].

rosa_install_access_delete_clusters/rosa_getting_started_iam/rosa-aws-prereqs.adoc

@@ -9,7 +9,9 @@ toc::[]
 
 {product-title} (ROSA) provides a model that allows Red{nbsp}Hat to deploy clusters into a customer’s existing Amazon Web Service (AWS) account.
 
-You must ensure that the prerequisites are met before installing ROSA. This requirements document does not apply to AWS Security Token Service (STS). If you are using STS, see the xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-aws-prereqs_rosa-sts-aws-prereqs[STS-specific requirements].
+You must ensure that the prerequisites are met before installing ROSA. This requirements document does not apply to AWS Security Token Service (STS). If you are using STS, see the xref:../../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-aws-prereqs_rosa-classic-aws-prereqs[STS-specific requirements].
+// This link must remain hidden until HCP is migrated
+// You must ensure that the prerequisites are met before installing ROSA. This requirements document does not apply to AWS Security Token Service (STS). If you are using STS, see the xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-aws-prereqs_rosa-sts-aws-prereqs[STS-specific requirements].
 
 include::snippets/rosa-sts.adoc[]
 

rosa_planning/rosa-classic-aws-prereqs.adoc

@@ -0,0 +1,111 @@
+:_mod-docs-content-type: ASSEMBLY
+include::_attributes/attributes-openshift-dedicated.adoc[]
+//title and ID conditions so this can be shared between Classic and HCP docs while it remains accurate for both
+:context: rosa-classic-aws-prereqs
+[id="rosa-classic-aws-prereqs"]
+= Detailed requirements for deploying {rosa-classic-short} using STS
+
+toc::[]
+
+{rosa-classic-title} provides a model that allows Red{nbsp}Hat to deploy clusters into a customer's existing Amazon Web Service (AWS) account.
+
+include::snippets/rosa-sts.adoc[leveloffset=+0]
+
+Ensure that the following prerequisites are met before installing your cluster.
+
+[id="rosa-sts-customer-requirements_{context}"]
+== Customer requirements when using STS for deployment
+
+The following prerequisites must be complete before you deploy a {rosa-classic-short} cluster that uses the AWS Security Token Service (STS).
+
+include::modules/rosa-sts-aws-requirements-account.adoc[leveloffset=+2]
+
+//Adding conditions around these in case the Additional resources don't get ported to HCP or have different file names / locations; keeping all included for now 
+[role="_additional-resources"]
+[id="additional-resources_aws-account-requirements_{context}"]
+.Additional resources
+// Removed as part of OSDOCS-13310, until figures are verified.
+//* xref:../rosa_planning/rosa-limits-scalability.adoc#rosa-limits-scalability[Limits and scalability]
+* xref:../support/troubleshooting/rosa-troubleshooting-deployments.adoc#rosa-troubleshooting-elb-service-role_rosa-troubleshooting-cluster-deployments[Creating the Elastic Load Balancing (ELB) service-linked role]
+
+//TODO OSDOCS-11789: Nothing in the following module is actually a requirement, it's purely informative/recommended and needs to be re-validated by SRE/Support
+include::modules/rosa-sts-aws-requirements-support-req.adoc[leveloffset=+2]
+
+//TODO OSDOCS-11789: Need to have this re-validated by SRE/Support
+include::modules/rosa-sts-aws-requirements-security-req.adoc[leveloffset=+2]
+
+//Adding conditions around these in case the Additional resources don't get ported to HCP or have different file names / locations; keeping all included for now 
+[role="_additional-resources"]
+[id="additional-resources_aws-security-requirements_{context}"]
+.Additional resources
+ifdef::openshift-dedicated[]
+* xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#osd-aws-privatelink-firewall-prerequisites_rosa-sts-aws-prereqs[AWS firewall prerequisites]
+endif::openshift-dedicated[]
+ifdef::openshift-rosa[]
+* xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-classic-aws-prereqs[AWS firewall prerequisites]
+
+// This link needs to remain hidden until the HCP migration is published
+// * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[AWS firewall prerequisites]
+endif::openshift-rosa[]
+
+[id="rosa-ocm-requirements_{context}"]
+== Requirements for using {cluster-manager}
+
+The following configuration details are required only if you use {cluster-manager-url} to manage your clusters. If you use the CLI tools exclusively, then you can disregard these requirements.
+
+//TODO OSDOCS-11789: when are ocm-role and user-role actually created? Pretty sure this happens as part of the cluster install process, so doesn't need to be done ahead of time??
+include::modules/rosa-sts-aws-requirements-association-concept.adoc[leveloffset=+2]
+include::modules/rosa-sts-aws-requirements-creating-association.adoc[leveloffset=+2]
+
+ifdef::openshift-rosa,openshift-rosa-hcp[]
+[discrete]
+[role="_additional-resources"]
+[id="additional-resources_creating-association_{context}"]
+== Additional resources
+* xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-account-wide-roles-and-policies_rosa-sts-about-iam-resources[Account-wide IAM role and policy reference]
+endif::openshift-rosa,openshift-rosa-hcp[]
+
+include::modules/rosa-sts-aws-requirements-creating-multi-association.adoc[leveloffset=+2]
+
+include::modules/rosa-requirements-deploying-in-opt-in-regions.adoc[leveloffset=+1]
+include::modules/rosa-setting-the-aws-security-token-version.adoc[leveloffset=+2]
+
+[id="rosa-sts-policy-iam_{context}"]
+== Red{nbsp}Hat managed IAM references for AWS
+
+When you use STS as your cluster credential method, Red{nbsp}Hat is not responsible for creating and managing Amazon Web Services (AWS) IAM policies, IAM users, or IAM roles. For information on creating these roles and policies, see the following sections on IAM roles.
+
+* To use the `ocm` CLI, you must have an `ocm-role` and `user-role` resource.
+See xref:../rosa_planning/rosa-hcp-prepare-iam-roles-resources.adoc#rosa-prepare-iam-resources-roles-ocm[Required IAM roles and resources].
+* If you have a single cluster, see xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-account-wide-roles-and-policies_rosa-sts-about-iam-resources[Account-wide IAM role and policy reference].
+* For each cluster, you must have the necessary Operator roles. See xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-operator-roles_rosa-sts-about-iam-resources[Cluster-specific Operator IAM role reference].
+
+include::modules/rosa-aws-provisioned.adoc[leveloffset=+1]
+
+[id="rosa-network-prereqs_{context}"]
+== Networking prerequisites
+
+include::modules/mos-network-prereqs-min-bandwidth.adoc[leveloffset=+2]
+
+[id="osd-aws-privatelink-firewall-prerequisites_rosa-classic-aws-prereqs"]
+=== AWS firewall prerequisites
+
+If you are using a firewall to control egress traffic from your {rosa-classic-short}, you must configure your firewall to grant access to the certain domain and port combinations below. {rosa-classic-short} requires this access to provide a fully managed OpenShift service.
+
+include::modules/osd-aws-privatelink-firewall-prerequisites.adoc[leveloffset=+2]
+
+[role="_additional-resources"]
+.Additional resources
+* xref:../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring]
+
+[discrete]
+== Next steps
+* xref:../rosa_planning/rosa-sts-required-aws-service-quotas.adoc#rosa-required-aws-service-quotas_rosa-sts-required-aws-service-quotas[Review the required AWS service quotas]
+
+[discrete]
+[role="_additional-resources"]
+[id="additional-resources_aws-prerequisites_{context}"]
+== Additional resources
+* xref:../rosa_architecture/rosa_policy_service_definition/rosa-policy-process-security.adoc#rosa-policy-sre-access_rosa-policy-process-security[SRE access to all Red{nbsp}Hat OpenShift Service on AWS clusters]
+* xref:../applications/deployments/rosa-config-custom-domains-applications.adoc#rosa-applications-config-custom-domains[Configuring custom domains for applications]
+* xref:../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-instance-types_rosa-service-definition[Instance types]

rosa_planning/rosa-cloud-expert-prereq-checklist.adoc

@@ -153,13 +153,22 @@ $ rosa verify quota
 +
 This command only checks the total quota allocated to your account; it does not reflect the amount of quota already consumed from that quota. Running this command is optional because your quota is verified during cluster deployment. However, Red Hat recommends running this command to confirm your quota ahead of time so that deployment is not interrupted by issues with quota availability.
 ifdef::openshift-rosa[]
-* For more information about resources provisioned during {rosa-classic-short} cluster deployment, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-aws-policy-provisioned_rosa-sts-aws-prereqs[Provisioned AWS Infrastructure].
+* For more information about resources provisioned during {rosa-classic-short} cluster deployment, see xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-aws-policy-provisioned_rosa-classic-aws-prereqs[Provisioned AWS Infrastructure].
 * For more information about the required AWS service quotas, see xref:../rosa_planning/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Required AWS service quotas].
 endif::openshift-rosa[]
 ifdef::openshift-rosa-hcp[]
-* For more information about resources provisioned during {rosa-short} cluster deployment, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-aws-policy-provisioned_rosa-hcp-prereqs[Provisioned AWS Infrastructure].
+* For more information about resources provisioned during {rosa-short} cluster deployment, see xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-aws-policy-provisioned_rosa-hcp-aws-prereqs[Provisioned AWS Infrastructure].
 * For more information about the required AWS service quotas, see xref:../rosa_planning/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Required AWS service quotas].
 endif::openshift-rosa-hcp[]
+// These links need to remain hidden until HCP is published
+// ifdef::openshift-rosa[]
+// * For more information about resources provisioned during {rosa-classic-short} cluster deployment, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-aws-policy-provisioned_rosa-sts-aws-prereqs[Provisioned AWS Infrastructure].
+// * For more information about the required AWS service quotas, see xref:../rosa_planning/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Required AWS service quotas].
+// endif::openshift-rosa[]
+// ifdef::openshift-rosa-hcp[]
+// * For more information about resources provisioned during {rosa-short} cluster deployment, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-aws-policy-provisioned_rosa-hcp-prereqs[Provisioned AWS Infrastructure].
+// * For more information about the required AWS service quotas, see xref:../rosa_planning/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Required AWS service quotas].
+// endif::openshift-rosa-hcp[]
 
 == Service Control Policy (SCP) prerequisites
 
@@ -192,11 +201,19 @@ include::modules/mos-network-prereqs-min-bandwidth.adoc[leveloffset=+2]
 //TODO OSDOCS-11789: Are these things that your cluster needs access to, or your deploying machine needs access to?
 * Configure your firewall to allow access to the domains and ports listed in
 ifdef::openshift-rosa[]
-xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[AWS firewall prerequisites].
+xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-classic-aws-prereqs[AWS firewall prerequisites].
 endif::openshift-rosa[]
 ifdef::openshift-rosa-hcp[]
-xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-hcp-prereqs[AWS firewall prerequisites]
+xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-hcp-aws-prereqs[AWS firewall prerequisites]
 endif::openshift-rosa-hcp[]
+// These links need to remain hidden until HCP is published
+// * Configure your firewall to allow access to the domains and ports listed in
+// ifdef::openshift-rosa[]
+// xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[AWS firewall prerequisites].
+// endif::openshift-rosa[]
+// ifdef::openshift-rosa-hcp[]
+// xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-hcp-prereqs[AWS firewall prerequisites]
+// endif::openshift-rosa-hcp[]
 
 //Moving up prereqs that are actually required for deployment
 ifdef::openshift-rosa[]
@@ -253,8 +270,12 @@ ifdef::openshift-rosa[]
 For more details see the detailed requirements for xref:../rosa_install_access_delete_clusters/rosa_getting_started_iam/rosa-aws-prereqs.adoc#rosa-security-groups_prerequisites[Security groups].
 endif::openshift-rosa[]
 ifdef::openshift-rosa-hcp[]
-For more details see the detailed requirements for xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-security-groups_rosa-hcp-prereqs[Security groups].
+For more details see the detailed requirements for xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-security-groups_rosa-hcp-aws-prereqs[Security groups].
 endif::openshift-rosa-hcp[]
+// This must remain hidden until HCP is published
+// ifdef::openshift-rosa-hcp[]
+// For more details see the detailed requirements for xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-security-groups_rosa-hcp-prereqs[Security groups].
+// endif::openshift-rosa-hcp[]
 
 === Custom DNS and domains
 

rosa_planning/rosa-hcp-aws-prereqs.adoc

@@ -0,0 +1,90 @@
+:_mod-docs-content-type: ASSEMBLY
+include::_attributes/attributes-openshift-dedicated.adoc[]
+//title and ID conditions so this can be shared between Classic and HCP docs while it remains accurate for both
+:context: rosa-hcp-aws-prereqs
+= Detailed requirements for deploying {rosa-short}
+
+toc::[]
+
+{rosa-title} provides a model that allows Red{nbsp}Hat to deploy clusters into a customer's existing Amazon Web Service (AWS) account.
+
+Ensure that the following prerequisites are met before installing your cluster.
+
+[id="rosa-hcp-customer-requirements_{context}"]
+== Customer requirements for all {rosa-short} clusters
+
+The following prerequisites must be complete before you deploy a {rosa-short} cluster.
+
+include::modules/rosa-sts-aws-requirements-account.adoc[leveloffset=+2]
+
+//TODO OSDOCS-11789: Nothing in the following module is actually a requirement, it's purely informative/recommended and needs to be re-validated by SRE/Support
+include::modules/rosa-sts-aws-requirements-support-req.adoc[leveloffset=+2]
+
+//TODO OSDOCS-11789: Need to have this re-validated by SRE/Support
+include::modules/rosa-sts-aws-requirements-security-req.adoc[leveloffset=+2]
+
+//Adding conditions around these in case the Additional resources don't get ported to HCP or have different file names / locations; keeping all included for now 
+[role="_additional-resources"]
+[id="additional-resources_aws-security-requirements_{context}"]
+.Additional resources
+* xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-hcp-aws-prereqs[AWS firewall prerequisites]
+// This link needs to remain hidden until HCP is published
+// * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-hcp-prereqs[AWS firewall prerequisites]
+
+[id="rosa-ocm-requirements_{context}"]
+== Requirements for using {cluster-manager}
+
+The following configuration details are required only if you use {cluster-manager-url} to manage your clusters. If you use the CLI tools exclusively, then you can disregard these requirements.
+
+//TODO OSDOCS-11789: when are ocm-role and user-role actually created? Pretty sure this happens as part of the cluster install process, so doesn't need to be done ahead of time??
+include::modules/rosa-sts-aws-requirements-association-concept.adoc[leveloffset=+2]
+include::modules/rosa-sts-aws-requirements-creating-association.adoc[leveloffset=+2]
+
+ifdef::openshift-rosa,openshift-rosa-hcp[]
+[discrete]
+[role="_additional-resources"]
+[id="additional-resources_creating-association_{context}"]
+== Additional resources
+* xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-account-wide-roles-and-policies_rosa-sts-about-iam-resources[Account-wide IAM role and policy reference]
+endif::openshift-rosa,openshift-rosa-hcp[]
+
+include::modules/rosa-sts-aws-requirements-creating-multi-association.adoc[leveloffset=+2]
+
+include::modules/rosa-requirements-deploying-in-opt-in-regions.adoc[leveloffset=+1]
+include::modules/rosa-setting-the-aws-security-token-version.adoc[leveloffset=+2]
+
+[id="rosa-sts-policy-iam_{context}"]
+== Red{nbsp}Hat managed IAM references for AWS
+
+Red{nbsp}Hat is not responsible for creating and managing Amazon Web Services (AWS) IAM policies, IAM users, or IAM roles. For information on creating these roles and policies, see the following sections on IAM roles.
+
+* To use the `ocm` CLI, you must have an `ocm-role` and `user-role` resource.
+See xref:../rosa_planning/rosa-hcp-prepare-iam-roles-resources.adoc#rosa-prepare-iam-resources-roles-ocm[Required IAM roles and resources].
+* If you have a single cluster, see xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-account-wide-roles-and-policies_rosa-sts-about-iam-resources[Account-wide IAM role and policy reference].
+* For each cluster, you must have the necessary Operator roles. See xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-operator-roles_rosa-sts-about-iam-resources[Cluster-specific Operator IAM role reference].
+
+include::modules/rosa-aws-provisioned.adoc[leveloffset=+1]
+
+[id="rosa-network-prereqs_{context}"]
+== Networking prerequisites
+
+include::modules/mos-network-prereqs-min-bandwidth.adoc[leveloffset=+2]
+
+[id="osd-aws-privatelink-firewall-prerequisites_rosa-hcp-aws-prereqs"]
+=== AWS firewall prerequisites
+
+If you are using a firewall to control egress traffic from your {rosa-short}, you must configure your firewall to grant access to the certain domain and port combinations below. {rosa-short} requires this access to provide a fully managed OpenShift service.
+
+include::modules/osd-aws-privatelink-firewall-prerequisites.adoc[leveloffset=+2]
+include::modules/rosa-hcp-firewall-prerequisites.adoc[leveloffset=+2]
+
+[discrete]
+== Next steps
+* xref:../rosa_planning/rosa-sts-required-aws-service-quotas.adoc#rosa-required-aws-service-quotas_rosa-sts-required-aws-service-quotas[Review the required AWS service quotas]
+
+[discrete]
+[role="_additional-resources"]
+[id="additional-resources_aws-prerequisites_{context}"]
+== Additional resources
+* xref:../rosa_architecture/rosa_policy_service_definition/rosa-sre-access.adoc#rosa-sre-access[SRE and service account access]
+* xref:../rosa_architecture/rosa_policy_service_definition/rosa-hcp-instance-types.adoc#rosa-hcp-instance-types[Instance types]

rosa_planning/rosa-sts-aws-prereqs.adoc

@@ -2,19 +2,30 @@
 include::_attributes/attributes-openshift-dedicated.adoc[]
 //title and ID conditions so this can be shared between Classic and HCP docs while it remains accurate for both
 ifndef::openshift-rosa-hcp[]
-:context: rosa-sts-aws-prereqs
-[id="rosa-sts-aws-prereqs"]
+:context: rosa-classic-aws-prereqs
+[id="rosa-sts-classic-aws-prereqs"]
 = Detailed requirements for deploying {product-title} using STS
 endif::openshift-rosa-hcp[]
 ifdef::openshift-rosa-hcp[]
-:context: rosa-hcp-prereqs
-[id="rosa-hcp-prereqs"]
+:context: rosa-hcp-aws-prereqs
+[id="rosa-sts-hcp-aws-prereqs"]
 = Detailed requirements for deploying {product-title}
 endif::openshift-rosa-hcp[]
+// This section needs to remain hidden until the HCP migration
+// ifndef::openshift-rosa-hcp[]
+// :context: rosa-sts-aws-prereqs
+// [id="rosa-sts-aws-prereqs"]
+// = Detailed requirements for deploying {product-title} using STS
+// endif::openshift-rosa-hcp[]
+// ifdef::openshift-rosa-hcp[]
+// :context: rosa-hcp-prereqs
+// [id="rosa-hcp-prereqs"]
+// = Detailed requirements for deploying {product-title}
+// endif::openshift-rosa-hcp[]
 
 toc::[]
 
-{product-title} provides a model that allows Red{nbsp}Hat to deploy clusters into a customer’s existing Amazon Web Service (AWS) account.
+{product-title} provides a model that allows Red{nbsp}Hat to deploy clusters into a customer's existing Amazon Web Service (AWS) account.
 
 ifndef::openshift-rosa-hcp[]
 include::snippets/rosa-sts.adoc[leveloffset=+0]
@@ -61,11 +72,18 @@ ifdef::openshift-dedicated[]
 * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#osd-aws-privatelink-firewall-prerequisites_rosa-sts-aws-prereqs[AWS firewall prerequisites]
 endif::openshift-dedicated[]
 ifdef::openshift-rosa[]
-* xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[AWS firewall prerequisites]
+* xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-classic-aws-prereqs[AWS firewall prerequisites]
 endif::openshift-rosa[]
 ifdef::openshift-rosa-hcp[]
-* xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-hcp-prereqs[AWS firewall prerequisites]
+* xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-hcp-aws-prereqs[AWS firewall prerequisites]
 endif::openshift-rosa-hcp[]
+// These need to remain hidden until the HCP migration is completed
+// ifdef::openshift-rosa[]
+// * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[AWS firewall prerequisites]
+// endif::openshift-rosa[]
+// ifdef::openshift-rosa-hcp[]
+// * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-firewall-prerequisites_rosa-hcp-prereqs[AWS firewall prerequisites]
+// endif::openshift-rosa-hcp[]
 
 [id="rosa-ocm-requirements_{context}"]
 == Requirements for using {cluster-manager}

rosa_planning/rosa-sts-setting-up-environment.adoc

@@ -40,10 +40,19 @@ endif::openshift-rosa-hcp[]
 [role="_additional-resources"]
 == Additional resources
 ifndef::openshift-rosa-hcp[]
-* xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS Prerequisites]
+* xref:../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-aws-prereqs[AWS Prerequisites]
 * xref:../rosa_planning/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Required AWS service quotas and increase requests]
 endif::openshift-rosa-hcp[]
 ifdef::openshift-rosa-hcp[]
-* xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-prereqs[AWS Prerequisites]
+* xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc[AWS Prerequisites]
 // TODO OSDOCS-11789: AWS quotas for HCP
 endif::openshift-rosa-hcp[]
+// This section needs to remain hidden until the HCP migration is published
+//ifndef::openshift-rosa-hcp[]
+// * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS Prerequisites]
+// * xref:../rosa_planning/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Required AWS service quotas and increase requests]
+// endif::openshift-rosa-hcp[]
+// ifdef::openshift-rosa-hcp[]
+// * xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-hcp-prereqs[AWS Prerequisites]
+// // TODO OSDOCS-11789: AWS quotas for HCP
+// endif::openshift-rosa-hcp[]

support/troubleshooting/rosa-troubleshooting-deployments.adoc

@@ -41,7 +41,9 @@ include::modules/rosa-troubleshooting-awsinsufficientpermission-failure-deployme
 ifndef::openshift-rosa-hcp[]
 [role="_additional-resources"]
 .Additional resources
-* xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[Detailed requirements for deploying ROSA (classic architecture) using STS]
+* xref:../../rosa_planning/rosa-classic-aws-prereqs.adoc#rosa-classic-aws-prereqs[Detailed requirements for deploying ROSA (classic architecture) using STS]
+// This link needs to remain hidden until the HCP migration is completed
+// * xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[Detailed requirements for deploying ROSA (classic architecture) using STS]
 * xref:../../rosa_install_access_delete_clusters/rosa_getting_started_iam/rosa-aws-prereqs.adoc#rosa-aws-prereqs[AWS prerequisites for ROSA]
 endif::openshift-rosa-hcp[]
 

support/troubleshooting/rosa-troubleshooting-installations-hcp.adoc

@@ -14,7 +14,9 @@ include::modules/rosa-verify-hcp-install.adoc[leveloffset=+1]
 ifndef::openshift-rosa-hcp[]
 [role="_additional-resources"]
 .Additional resources
-* For information about the prerequisites for installing {hcp-title} clusters, see xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS].
+* For information about the prerequisites for installing {hcp-title} clusters, see xref:../../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-hcp-aws-prereqs[AWS prerequisites for ROSA with STS].
+// This link must remain hidden until the HCP migration is completed
+// * For information about the prerequisites for installing {hcp-title} clusters, see xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS].
 endif::openshift-rosa-hcp[]
 
 include::modules/rosa-troubleshoot-hcp-install.adoc[leveloffset=+1]

welcome/cloud-experts-rosa-hcp-sts-explained.adoc

@@ -37,7 +37,9 @@ Security features for AWS STS include:
 
 [id="components-specific-to-rosa-hcp-with-sts"]
 == Components of {hcp-title}
-* *AWS infrastructure* - The infrastructure required for the cluster including the Amazon EC2 instances, Amazon EBS storage, and networking components. See xref:../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-aws-compute-types_rosa-service-definition[AWS compute types] to see the supported instance types for compute nodes and xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-ec2-instances_rosa-sts-aws-prereqs[provisioned AWS infrastructure] for more information on cloud resource configuration.
+* *AWS infrastructure* - The infrastructure required for the cluster including the Amazon EC2 instances, Amazon EBS storage, and networking components. See xref:../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-aws-compute-types_rosa-service-definition[AWS compute types] to see the supported instance types for compute nodes and xref:../rosa_planning/rosa-hcp-aws-prereqs.adoc#rosa-ec2-instances_rosa-hcp-aws-prereqs[provisioned AWS infrastructure] for more information on cloud resource configuration.
+// This section needs to remain hidden until the HCP migration is completed.
+// * *AWS infrastructure* - The infrastructure required for the cluster including the Amazon EC2 instances, Amazon EBS storage, and networking components. See xref:../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-aws-compute-types_rosa-service-definition[AWS compute types] to see the supported instance types for compute nodes and xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-ec2-instances_rosa-sts-aws-prereqs[provisioned AWS infrastructure] for more information on cloud resource configuration.
 * *AWS STS* - A method for granting short-term, dynamic tokens to provide users the necessary permissions to temporarily interact with your AWS account resources.
 * *OpenID Connect (OIDC)* - A mechanism for cluster Operators to authenticate with AWS, assume the cluster roles through a trust policy, and obtain temporary credentials from AWS IAM STS to make the required API calls.
 * *Roles and policies* - The roles and policies used by {hcp-title} can be divided into account-wide roles and policies and Operator roles and policies.