Misc feedback

* Fix one last missing partition * Reformat long template line * Address partition added to templating in shell script
dominodatalab · Dec 20, 2022 · 278499a · 278499a
1 parent 73ee224
commit 278499a
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 2 deletions.
diff --git a/iam-bootstrap/iam.tf b/iam-bootstrap/iam.tf
@@ -10,7 +10,18 @@ resource "aws_iam_policy" "deployment" {
 
   name = "${var.deploy_id}-deployment-policy-${count.index}"
 
-  policy = templatefile(abspath(pathexpand(local.iam_policy_paths[count.index])), merge({account_id=data.aws_caller_identity.admin.account_id, deploy_id=var.deploy_id, region=var.region, partition=data.aws_partition.current.partition},var.template_config))
+  policy = templatefile(
+    abspath(pathexpand(local.iam_policy_paths[count.index])),
+    merge(
+      {
+        account_id = data.aws_caller_identity.admin.account_id,
+        deploy_id  = var.deploy_id,
+        region     = var.region,
+        partition  = data.aws_partition.current.partition
+      },
+      var.template_config
+    )
+  )
 }
 
 resource "aws_iam_role" "deployment" {
@@ -24,7 +35,7 @@ resource "aws_iam_role" "deployment" {
         Effect = "Allow"
         Sid    = ""
         Principal = {
-          AWS = "arn:aws:iam::${data.aws_caller_identity.admin.account_id}:root"
+          AWS = "arn:${data.aws_partition.current.partition}:iam::${data.aws_caller_identity.admin.account_id}:root"
         }
       },
     ]

diff --git a/iam-bootstrap/render.sh b/iam-bootstrap/render.sh
@@ -2,6 +2,7 @@
 
 export deploy_id=example
 export account_id=1234567890
+export partition=aws
 
 echo "Rendering bootstrap-*.json to bootstrap-render-*.json..."
 cat bootstrap-0.json | envsubst > bootstrap-rendered-0.json