chore: Fix Managed Policy ARNs with hardcoded partition in tests (#3662)

aws · Oct 10, 2024 · 8de1ca9 · 8de1ca9
1 parent 25158f1
commit 8de1ca9
Show file tree

Hide file tree

Showing 6 changed files with 11 additions and 8 deletions.
diff --git a/integration/resources/templates/combination/api_with_authorizers_max.yaml b/integration/resources/templates/combination/api_with_authorizers_max.yaml
@@ -125,8 +125,8 @@ Resources:
     Type: AWS::IAM::Role
     Properties:
       ManagedPolicyArns:
-      - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
-      - arn:aws:iam::aws:policy/service-role/AWSLambdaRole
+      - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
+      - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaRole
       AssumeRolePolicyDocument:
         Version: '2012-10-17'
         Statement:

diff --git a/integration/resources/templates/combination/api_with_authorizers_max_openapi.yaml b/integration/resources/templates/combination/api_with_authorizers_max_openapi.yaml
@@ -138,8 +138,8 @@ Resources:
     Type: AWS::IAM::Role
     Properties:
       ManagedPolicyArns:
-      - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
-      - arn:aws:iam::aws:policy/service-role/AWSLambdaRole
+      - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
+      - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaRole
       AssumeRolePolicyDocument:
         Version: '2012-10-17'
         Statement:

diff --git a/integration/resources/templates/combination/function_with_mq.yaml b/integration/resources/templates/combination/function_with_mq.yaml
@@ -101,7 +101,8 @@ Resources:
               secretsmanager:GetSecretValue]
             Effect: Allow
             Resource: '*'
-      ManagedPolicyArns: [arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole]
+      ManagedPolicyArns:
+      - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
       Tags:
       - {Value: SAM, Key: lambda:createdBy}
 

diff --git a/integration/resources/templates/combination/function_with_msk.yaml b/integration/resources/templates/combination/function_with_msk.yaml
@@ -27,7 +27,8 @@ Resources:
               logs:CreateLogStream, logs:PutLogEvents]
             Effect: Allow
             Resource: '*'
-      ManagedPolicyArns: [arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole]
+      ManagedPolicyArns:
+      - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
       Tags:
       - {Value: SAM, Key: lambda:createdBy}
 

diff --git a/...templates/combination/function_with_msk_trigger_and_s3_onfailure_events_destinations.yaml b/...templates/combination/function_with_msk_trigger_and_s3_onfailure_events_destinations.yaml
@@ -27,7 +27,8 @@ Resources:
               logs:CreateLogStream, logs:PutLogEvents, s3:ListBucket]
             Effect: Allow
             Resource: '*'
-      ManagedPolicyArns: [arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole]
+      ManagedPolicyArns:
+      - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
       Tags:
       - {Value: SAM, Key: lambda:createdBy}
 

diff --git a/integration/resources/templates/single/state_machine_with_api.yaml b/integration/resources/templates/single/state_machine_with_api.yaml
@@ -19,7 +19,7 @@ Resources:
     Type: AWS::Serverless::StateMachine
     Properties:
       Policies:
-      - arn:aws:iam::aws:policy/AWSLambda_FullAccess
+      - !Sub arn:${AWS::Partition}:iam::aws:policy/AWSLambda_FullAccess
       Definition:
         StartAt: One
         States: