diff --git a/.gitignore b/.gitignore
index 3f55cad0..baa6eb7e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,3 +15,4 @@ styles/
 # Allow
 
 !styles/config/vocabularies/Percona/**
+.cache/
diff --git a/docs/manage/automate-s3-access.md b/docs/manage/automate-s3-access.md
index 44073a11..6e80c78e 100644
--- a/docs/manage/automate-s3-access.md
+++ b/docs/manage/automate-s3-access.md
@@ -161,6 +161,9 @@ aws iam create-policy --policy-name pbm-s3-access-policy --policy-document file:
 This role will be assumed by the Kubernetes service account used by your PBM pods.
 
 First, create a trust policy JSON file (e.g., `pbm-trust-policy.json`). This policy allows your Kubernetes service account to assume the role. Replace `<account-id>`, `<region>`, and `<oidc-id>` with your AWS account ID, EKS cluster region, and the OIDC ID from step 1.
+
+> **Note:** The OIDC ID is the unique identifier at the end of the OIDC issuer URL returned in step 1. For example, if the issuer URL is `https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B71EXAMPLE`, then the OIDC ID is `EXAMPLED539D4633E53DE1B71EXAMPLE`.
+
 ```json
 {
   "Version": "2012-10-17",