fix(aws-apigateway): authorizers authorizerUri add partition

The authorizerURI includes the correct partition. Previously, it
always used the aws partition

fixes #<8098>

packages/@aws-cdk/aws-apigateway/lib/authorizers/lambda.ts

@@ -170,7 +170,7 @@ export class TokenAuthorizer extends LambdaAuthorizer {
       name: props.authorizerName ?? this.node.uniqueId,
       restApiId,
       type: 'TOKEN',
-      authorizerUri: `arn:aws:apigateway:${Stack.of(this).region}:lambda:path/2015-03-31/functions/${props.handler.functionArn}/invocations`,
+      authorizerUri: `arn:${Stack.of(this).partition}:apigateway:${Stack.of(this).region}:lambda:path/2015-03-31/functions/${props.handler.functionArn}/invocations`,
       authorizerCredentials: props.assumeRole?.roleArn,
       authorizerResultTtlInSeconds: props.resultsCacheTtl?.toSeconds(),
       identitySource: props.identitySource || 'method.request.header.Authorization',
@@ -232,7 +232,7 @@ export class RequestAuthorizer extends LambdaAuthorizer {
       name: props.authorizerName ?? this.node.uniqueId,
       restApiId,
       type: 'REQUEST',
-      authorizerUri: `arn:aws:apigateway:${Stack.of(this).region}:lambda:path/2015-03-31/functions/${props.handler.functionArn}/invocations`,
+      authorizerUri: `arn:${Stack.of(this).partition}:apigateway:${Stack.of(this).region}:lambda:path/2015-03-31/functions/${props.handler.functionArn}/invocations`,
       authorizerCredentials: props.assumeRole?.roleArn,
       authorizerResultTtlInSeconds: props.resultsCacheTtl?.toSeconds(),
       identitySource: props.identitySources.map(is => is.toString()).join(','),

packages/@aws-cdk/aws-apigateway/lib/integration.ts

@@ -113,9 +113,9 @@ export interface IntegrationProps {
    * - If you specify HTTP for the `type` property, specify the API endpoint URL.
    * - If you specify MOCK for the `type` property, don't specify this property.
    * - If you specify AWS for the `type` property, specify an AWS service that
-   *   follows this form: `arn:aws:apigateway:region:subdomain.service|service:path|action/service_api.`
+   *   follows this form: `arn:partition:apigateway:region:subdomain.service|service:path|action/service_api.`
    *   For example, a Lambda function URI follows this form:
-   *   arn:aws:apigateway:region:lambda:path/path. The path is usually in the
+   *   arn:partition:apigateway:region:lambda:path/path. The path is usually in the
    *   form /2015-03-31/functions/LambdaFunctionARN/invocations.
    *
    * @see https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/#uri

packages/@aws-cdk/aws-apigateway/test/authorizers/integ.request-authorizer.expected.json

@@ -247,7 +247,11 @@
           "Fn::Join": [
             "",
             [
-              "arn:aws:apigateway:",
+              "arn:",
+              {
+                "Ref": "AWS::Partition"
+              },
+              ":apigateway:",
               {
                 "Ref": "AWS::Region"
               },

packages/@aws-cdk/aws-apigateway/test/authorizers/integ.token-authorizer-iam-role.expected.json

@@ -119,7 +119,14 @@
           "Fn::Join": [
             "",
             [
-              "arn:aws:apigateway:",
+              "arn:",
+              {
+                "Ref": "AWS::Partition"
+              },
+              ":apigateway:",
+              {
+                "Ref": "AWS::Region"
+              },
               {
                 "Ref": "AWS::Region"
               },

packages/@aws-cdk/aws-apigateway/test/authorizers/integ.token-authorizer.expected.json

@@ -247,7 +247,14 @@
           "Fn::Join": [
             "",
             [
-              "arn:aws:apigateway:",
+              "arn:",
+              {
+                "Ref": "AWS::Partition"
+              },
+              ":apigateway:",
+              {
+                "Ref": "AWS::Region"
+              },
               {
                 "Ref": "AWS::Region"
               },