There are two methods you can use to move CWPP agents to new PoPs.
To migrate CWPP agents using a helper script:
The helper script creates the endpoint and the DNS hosted zone in the agent VPCs.
Delete the stack that was created when the helper script was deployed. This deletes the resources created as part of it, namely the endpoint and the DNS hosted zone.
Deploy the helper script with the new PoP details. This creates the endpoint that connects to the new PoP PrivateLink service, along with the DNS hosted zone for it.
After the next sync, all the agents should be managed and associated with the new PoP.
To manually create a new endpoint:
With this method, you create the endpoint and the hosted zone in the agent VPCs manually.
Create an endpoint for the new PoP PrivateLink services in the AWS console.
If the DNS hosted zone is already created, enter the record sets of the created endpoints; otherwise, create a new DNS hosted zone and enter the record sets of the created endpoints.
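The manual steps above can also be scripted with the AWS CLI. The sketch below is an added example, not part of the product's helper script. It covers the case where the DNS hosted zone already exists, and it assumes the record set is an alias A record. The function names are hypothetical, and every ID, service name and hostname is a placeholder you supply.

```shell
#!/bin/sh
# Added example: manual endpoint + DNS record for a new PoP, via the AWS CLI.
# Usage: script --apply <vpc-id> <subnet-id> <security-group-id> \
#          <new-pop-service-name> <pop-hostname> <existing-hosted-zone-id>
set -eu

# Emit the Route 53 change batch that points the PoP hostname at the endpoint.
# Assumption: an alias A record. Args: <record-name> <endpoint-dns> <endpoint-zone-id>
build_change_batch() {
  cat <<EOF
{"Changes":[{"Action":"UPSERT","ResourceRecordSet":{"Name":"$1","Type":"A",
"AliasTarget":{"DNSName":"$2","HostedZoneId":"$3","EvaluateTargetHealth":false}}}]}
EOF
}

migrate_endpoint() {
  # 1. Interface endpoint to the new PoP's PrivateLink service.
  ep=$(aws ec2 create-vpc-endpoint --vpc-endpoint-type Interface \
        --vpc-id "$1" --subnet-ids "$2" --security-group-ids "$3" \
        --service-name "$4" \
        --query 'VpcEndpoint.VpcEndpointId' --output text)

  # 2. Read back the endpoint's DNS name and its AWS-owned hosted zone ID.
  entry=$(aws ec2 describe-vpc-endpoints --vpc-endpoint-ids "$ep" \
        --query 'VpcEndpoints[0].DnsEntries[0].[DnsName,HostedZoneId]' \
        --output text)
  ep_dns=$(printf '%s\n' "$entry" | cut -f1)
  ep_zone=$(printf '%s\n' "$entry" | cut -f2)

  # 3. Upsert the record set in the hosted zone the agents resolve against.
  aws route53 change-resource-record-sets --hosted-zone-id "$6" \
        --change-batch "$(build_change_batch "$5" "$ep_dns" "$ep_zone")"
  echo "created $ep -> $ep_dns"
}

# Only touch AWS when explicitly asked to.
if [ "${1:-}" = "--apply" ]; then
  shift
  migrate_endpoint "$@"
fi
```

Because the record is written with UPSERT, running it against a zone that still holds the old PoP's record replaces that record rather than failing.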