diff --git a/cloudformation/ad/ad-integration.yaml b/cloudformation/ad/ad-integration.yaml index d6dc7f6fc3..24348ea70f 100644 --- a/cloudformation/ad/ad-integration.yaml +++ b/cloudformation/ad/ad-integration.yaml @@ -359,7 +359,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: !Sub ec2.${AWS::URLSuffix} + Service: ec2.amazonaws.com Version: "2012-10-17" ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore diff --git a/cloudformation/proxy/proxy.yaml b/cloudformation/proxy/proxy.yaml index 72574892fa..68750c4b58 100644 --- a/cloudformation/proxy/proxy.yaml +++ b/cloudformation/proxy/proxy.yaml @@ -170,7 +170,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: !Sub ec2.${AWS::URLSuffix} + Service: ec2.amazonaws.com Version: 2012-10-17 ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore @@ -189,7 +189,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: !Sub ec2.${AWS::URLSuffix} + Service: ec2.amazonaws.com Version: 2012-10-17 ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore diff --git a/tests/iam_policies/cluster-roles.cfn.yaml b/tests/iam_policies/cluster-roles.cfn.yaml index 7c4c9c8e81..7ae7f6f0a5 100644 --- a/tests/iam_policies/cluster-roles.cfn.yaml +++ b/tests/iam_policies/cluster-roles.cfn.yaml @@ -59,7 +59,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: !Sub ec2.${AWS::URLSuffix} + Service: !If [ GovCloud, 'ec2.amazonaws-us-gov.com', !If [ China, 'ec2.amazonaws.cn', 'ec2.amazonaws.com']] Version: '2012-10-17' Path: /parallelcluster/ ManagedPolicyArns: @@ -105,7 +105,7 @@ Resources: Condition: StringEquals: iam:PassedToService: - - !Sub ec2.${AWS::URLSuffix} + - !If [ GovCloud, 'ec2.amazonaws-us-gov.com', !If [ China, 'ec2.amazonaws.cn', 'ec2.amazonaws.com']] - Action: - ec2:DescribeInstances - ec2:DescribeInstanceStatus @@ -147,7 +147,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: !Sub ec2.${AWS::URLSuffix} + Service: !If [ GovCloud, 'ec2.amazonaws-us-gov.com', !If [ China, 'ec2.amazonaws.cn', 'ec2.amazonaws.com']] Version: '2012-10-17' Path: /parallelcluster/ ManagedPolicyArns: @@ -235,7 +235,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: !Sub ec2.${AWS::URLSuffix} + Service: !If [ GovCloud, 'ec2.amazonaws-us-gov.com', !If [ China, 'ec2.amazonaws.cn', 'ec2.amazonaws.com']] Version: '2012-10-17' Path: /parallelcluster/ ManagedPolicyArns: diff --git a/tests/integration-tests/tests/ad_integration/test_ad_integration/test_ad_integration_on_login_nodes/ad_stack.yaml b/tests/integration-tests/tests/ad_integration/test_ad_integration/test_ad_integration_on_login_nodes/ad_stack.yaml index 9bbbb08ded..0fdc0351e3 100644 --- a/tests/integration-tests/tests/ad_integration/test_ad_integration/test_ad_integration_on_login_nodes/ad_stack.yaml +++ b/tests/integration-tests/tests/ad_integration/test_ad_integration/test_ad_integration_on_login_nodes/ad_stack.yaml @@ -73,7 +73,7 @@ Resources: - Action: sts:AssumeRole Effect: Allow Principal: - Service: !Sub ec2.${AWS::URLSuffix} + Service: ec2.amazonaws.com Version: "2012-10-17" ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore