update aws acess doc for saml role mappings

Signed-off-by: Mark O Brien <markobri@redhat.com>

modules/sysadmin_guide/pages/aws-access.adoc

@@ -60,20 +60,20 @@ You'll need this in the mapping below.
 
 === Adding a group to FAS
 
-When finished, login to FAS and create a group to correspond to the new
+When finished, login to ipa and create a group to correspond to the new
 role. Use the prefix _aws-_ to denote new AWS roles in FAS. This makes
 them easier to locate in a search.
 
-It may be appropriate to set group ownership for _aws-_ groups to an
+Add the relevant sponsors as appropriate to the group. If the group allows
-Infrastructure team principal, and then add others as users or sponsors.
+a high level of access it should be monitored to ensure it is not being
-This is especially worth considering for groups that have modify (full)
+misused.
-access to an AWS resource.
 
 === Adding an IAM role mapping in Ipsilon
 
-Add the new role mapping for FAS group to Role ARN in the ansible git
+Clone the git repo available here: https://pagure.io/fedora-infra/ipsilon-fedora
-repo, under _roles/ipsilon/files/infofas.py_. Current mappings look like
+
-this:
+Edit the file ipsilon/info/infofas.py add the new role mapping following
+the examples below
 
 ....
 aws_groups = {
@@ -85,8 +85,9 @@ aws_groups = {
 }
 ....
 
-Add your mapping to the dictionary as shown. Start a new build/rollout
+Add your mapping to the dictionary as shown. Create a pull request against
-of the ipsilon project in openshift to make the changes live.
+the ipsilon-fedora repo. When this is merged run the ipsilon playbook to take
+in the new changes.
 
 === User accounts