From 33523c9f3cb71f2844d6eb238048cb104bd5e6b2 Mon Sep 17 00:00:00 2001
From: Garland Kan <garlandk@gmail.com>
Date: Tue, 11 Oct 2022 12:15:14 -0700
Subject: [PATCH] Updating the role instructions

---
 terraform-modules/aws/eks/README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/terraform-modules/aws/eks/README.md b/terraform-modules/aws/eks/README.md
index 0d6d844b6..392bea3b9 100644
--- a/terraform-modules/aws/eks/README.md
+++ b/terraform-modules/aws/eks/README.md
@@ -62,10 +62,12 @@ In this case it is: `arn:aws:iam::476264531111:role/aws-reserved/sso.amazonaws.c
 
 You will then add this user or role to the appropriate section in the Terragrunt/Terraform instantiation of it: https://github.com/ManagedKube/kubernetes-ops/blob/main/terraform-environments/aws/terragrunt-dev/us-east-1/terragrunt-dev/200-eks/terragrunt.hcl
 
+It seems that you have to remove everything in between the `role` and role name.  Remove `/aws-reserved/sso.amazonaws.com`.  Which will give you:
+
 ```
   aws_auth_roles = [
     {
-      rolearn  = "arn:aws:iam::476264531111:role/aws-reserved/sso.amazonaws.com/AWSReservedSSO_devops_admin_595c0f4da82205f0"
+      rolearn  = "arn:aws:iam::476264531111:role/AWSReservedSSO_devops_admin_595c0f4da82205f0"
       username = "devops-admin"
       groups   = ["system:masters"]
     },