From 96dd5aa165b7ae7ca390fd0be3e1a076e72b10a2 Mon Sep 17 00:00:00 2001
From: Geoffrey Cline <geoffreyc@outlook.com>
Date: Tue, 13 Sep 2022 22:10:54 -0500
Subject: [PATCH] add link to install guide

---
 docs/install.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/docs/install.md b/docs/install.md
index 88484b7111..f8eb45b9a2 100644
--- a/docs/install.md
+++ b/docs/install.md
@@ -10,7 +10,7 @@
 
 ## Installation
 #### Set up driver permission
-The driver requires IAM permission to talk to Amazon EBS to manage the volume on user's behalf. [The example policy here](./example-iam-policy.json) defines these permissions. 
+The driver requires IAM permission to talk to Amazon EBS to manage the volume on user's behalf. [The example policy here](./example-iam-policy.json) defines these permissions. AWS maintains a managed policy, available at ARN `arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy`. 
 
 Note: Add the below statement to the example policy if you want to encrypt the EBS drives. 
 ```
@@ -25,6 +25,8 @@ Note: Add the below statement to the example policy if you want to encrypt the E
 }
 ```
 
+For more information, review ["Creating the Amazon EBS CSI driver IAM role for service accounts" from the EKS User Guide.](https://docs.aws.amazon.com/eks/latest/userguide/csi-iam-role.html) 
+
 There are several methods to grant the driver IAM permission:
 * Using IAM [instance profile](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html) - attach the policy to the instance profile IAM role and turn on access to [instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) for the instance(s) on which the driver Deployment will run
 * EKS only: Using [IAM roles for ServiceAccounts](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) - create an IAM role, attach the policy to it, then follow the IRSA documentation to associate the IAM role with the driver Deployment service account, which if you are installing via Helm is determined by value `controller.serviceAccount.name`, `ebs-csi-controller-sa` by default
@@ -67,6 +69,8 @@ helm upgrade --install aws-ebs-csi-driver \
     aws-ebs-csi-driver/aws-ebs-csi-driver
 ```
 
+Review the [configuration values](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/master/charts/aws-ebs-csi-driver/values.yaml) for the Helm chart.
+
 #### Upgrading from version 1.X to 2.X of the Helm chart
 Version 2.0.0 removed support for Helm v2 and now requires Helm v3 or above.