diff --git a/cloudformation/ad/ad-integration.yaml b/cloudformation/ad/ad-integration.yaml index 3991ffc52c..fa9a47ae34 100644 --- a/cloudformation/ad/ad-integration.yaml +++ b/cloudformation/ad/ad-integration.yaml @@ -358,7 +358,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: ec2.amazonaws.com + Service: !Sub ec2.${AWS::URLSuffix} Version: "2012-10-17" ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore diff --git a/cloudformation/proxy/proxy.yaml b/cloudformation/proxy/proxy.yaml index 6889021f66..a38b6ba351 100644 --- a/cloudformation/proxy/proxy.yaml +++ b/cloudformation/proxy/proxy.yaml @@ -170,7 +170,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: ec2.amazonaws.com + Service: !Sub ec2.${AWS::URLSuffix} Version: 2012-10-17 ManagedPolicyArns: - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore @@ -189,7 +189,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: ec2.amazonaws.com + Service: !Sub ec2.${AWS::URLSuffix} Version: 2012-10-17 ManagedPolicyArns: - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore diff --git a/tests/iam_policies/cluster-roles.cfn.yaml b/tests/iam_policies/cluster-roles.cfn.yaml index 7ae7f6f0a5..7c4c9c8e81 100644 --- a/tests/iam_policies/cluster-roles.cfn.yaml +++ b/tests/iam_policies/cluster-roles.cfn.yaml @@ -59,7 +59,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: !If [ GovCloud, 'ec2.amazonaws-us-gov.com', !If [ China, 'ec2.amazonaws.cn', 'ec2.amazonaws.com']] + Service: !Sub ec2.${AWS::URLSuffix} Version: '2012-10-17' Path: /parallelcluster/ ManagedPolicyArns: @@ -105,7 +105,7 @@ Resources: Condition: StringEquals: iam:PassedToService: - - !If [ GovCloud, 'ec2.amazonaws-us-gov.com', !If [ China, 'ec2.amazonaws.cn', 'ec2.amazonaws.com']] + - !Sub ec2.${AWS::URLSuffix} - Action: - ec2:DescribeInstances - ec2:DescribeInstanceStatus @@ -147,7 +147,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: !If [ GovCloud, 'ec2.amazonaws-us-gov.com', !If [ China, 'ec2.amazonaws.cn', 'ec2.amazonaws.com']] + Service: !Sub ec2.${AWS::URLSuffix} Version: '2012-10-17' Path: /parallelcluster/ ManagedPolicyArns: @@ -235,7 +235,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: !If [ GovCloud, 'ec2.amazonaws-us-gov.com', !If [ China, 'ec2.amazonaws.cn', 'ec2.amazonaws.com']] + Service: !Sub ec2.${AWS::URLSuffix} Version: '2012-10-17' Path: /parallelcluster/ ManagedPolicyArns: diff --git a/tests/integration-tests/tests/ad_integration/test_ad_integration/test_ad_integration_on_login_nodes/ad_stack.yaml b/tests/integration-tests/tests/ad_integration/test_ad_integration/test_ad_integration_on_login_nodes/ad_stack.yaml index 0fdc0351e3..9bbbb08ded 100644 --- a/tests/integration-tests/tests/ad_integration/test_ad_integration/test_ad_integration_on_login_nodes/ad_stack.yaml +++ b/tests/integration-tests/tests/ad_integration/test_ad_integration/test_ad_integration_on_login_nodes/ad_stack.yaml @@ -73,7 +73,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: ec2.amazonaws.com + Service: !Sub ec2.${AWS::URLSuffix} Version: "2012-10-17" ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore