In our documentation, we describe how to install an AWS cluster using the manual credentialsMode with AWS Security Token Service. The steps described in the documentation are correct.

However in step 5 we describe that "Copy the private key that the ccoctl generated in the tls directory to the installation directory:". This should be clarified that the whole directly needs to be copied, as the customer was confused by this and only copied the key file itself.

Proposal would be to rephrase this step as "Copy the tls directory containing the private key that the ccoctl generated to the installation directory:".

Documentation for OpenShift Container Platform 4.11, 4.12, 4.13

Always

1. Visit https://docs.openshift.com/container-platform/4.13/authentication/managing_cloud_provider_credentials/cco-mode-sts.html#sts-mode-installing-manual-run-installer_cco-mode-sts
2. See the section "Running the installer"

Command displayed is correct.
Phrasing "Copy the private key that the ccoctl generated in the tls directory to the installation directory:" is confusing customers. In one instance, the customer only manually copied the file itself, despite the command being available.

Command displayed is correct.
Proposal would be to rephrase this step as "Copy the tls directory containing the private key that the ccoctl generated to the installation directory:".