Hello and Good Day Yunfei;

I have read over this request and it seems that the answer the requestor is looking for is actually in the next paragraph, "Private clusters in AWS", where it says a VPC is required to host the cluster. However, I believe the statement might be made more clear if the sentence is changed from this:

"For example, this machine can be a bastion host on your cloud network or a machine that has access to the network through a VPN."

to this:

"For example, this machine can be a bastion host on the same AWS cloud network or a machine that has access to the network through a VPN."

Do you agree? Is there any other change  you would suggest?

I will open a PR after getting  your suggestion and notify you when it is ready for your review.

Thank you so much for your help Yunfei!

James Brigman
OpenShift Technical Writer

  In the doc https://docs.openshift.com/container-platform/4.6/installing/installing_aws/installing-aws-private.html#private-clusters-default_installing-aws-private
  > You can use any machine that meets these access requirements and follows your company’s guidelines. For example, this machine can be a bastion host on your cloud network 

  I do not think it need to be changed here.

  > `machine that meets these access requirements`
  one option is create a instance in the public subnet (bastion host), the same network with your cluster.

Latha - I don't need help, I have gotten guidance from Yunfei. I will update this case with a PR link as soon as I have one.

OpenShift has moved to Jira for its defect tracking! This bug can now be found in the OCPBUGS project in Jira.

https://issues.redhat.com/browse/OCPBUGS-9690