From 4b086253ff9d0f7e9bc6210f98bd29df7496a1d6 Mon Sep 17 00:00:00 2001 From: Steven Martin Date: Fri, 1 Nov 2024 07:06:20 -0400 Subject: [PATCH] docs: update role mapping instrs for trusted clusters --- .../management/admin/trustedclusters.mdx | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/docs/pages/admin-guides/management/admin/trustedclusters.mdx b/docs/pages/admin-guides/management/admin/trustedclusters.mdx index 5322f020927f0..9d0d6e8a659b0 100644 --- a/docs/pages/admin-guides/management/admin/trustedclusters.mdx +++ b/docs/pages/admin-guides/management/admin/trustedclusters.mdx @@ -700,13 +700,17 @@ Reference](../../../reference/access-controls/roles.mdx). ### Update role mappings -You can update role mappings for a trusted cluster resource by modifying the `role_map` -field in the `trusted_cluster.yaml` resource configuration file. After you update the -resource configuration file, you can update the trusted cluster by signing in to the -leaf cluster and running the following command: +Modifications to the role mappings for a trusted cluster resource +require deleting and re-creating the trust relationship. See +[remove a trusted leaf cluster](#remove-a-trusted-leaf-cluster) to remove the trust relationship. + +After removing you can update the `role_map` within the `trusted_cluster.yaml` +resource configuration file on the leaf cluster. Confirm the token value is still +valid which may have expired. Run this command to re-create the trust relationship +with the new role mapping: ```code -$ tctl create --force trusted_cluster.yaml +$ tctl create trusted_cluster.yaml ``` ### Role mapping and cluster-level labels
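Review bot: In the second added paragraph, "Confirm the token value is still valid which may have expired" leaves the reader with no next step when the token has expired. Reword it along the lines of "Confirm that the token in `trusted_cluster.yaml` has not expired", and link to the section that covers generating a new one, the same way the first paragraph links to "remove a trusted leaf cluster". In the same paragraph, "After removing you can update" is missing its object; "After removing the trust relationship, update the `role_map` ..." reads more clearly. The command also changes from `tctl create --force trusted_cluster.yaml` to `tctl create trusted_cluster.yaml` with no explanation in the text. A one-sentence note on why `--force` is dropped would stop readers who followed the earlier instructions from adding it back.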