use partition data source for arn formatting (cloudposse#60)

* use partition data source for arn formatting * use count * readme * typo Co-authored-by: Erik Osterman <[email protected]>
healthjoy · Jul 3, 2020 · 76b5f2f · 76b5f2f
1 parent 5c99b31
commit 76b5f2f
Showing 1 changed file with 6 additions and 2 deletions.
diff --git a/main.tf b/main.tf
@@ -10,6 +10,10 @@ module "label" {
   enabled     = var.enabled
 }
 
+data "aws_partition" "current" {
+  count = var.enabled ? 1 : 0
+}
+
 data "aws_iam_policy_document" "assume_role" {
   count = var.enabled ? 1 : 0
 
@@ -33,13 +37,13 @@ resource "aws_iam_role" "default" {
 
 resource "aws_iam_role_policy_attachment" "amazon_eks_cluster_policy" {
   count      = var.enabled ? 1 : 0
-  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
+  policy_arn = format("arn:%s:iam::aws:policy/AmazonEKSClusterPolicy", join("", data.aws_partition.current.*.partition))
   role       = join("", aws_iam_role.default.*.name)
 }
 
 resource "aws_iam_role_policy_attachment" "amazon_eks_service_policy" {
   count      = var.enabled ? 1 : 0
-  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy"
+  policy_arn = format("arn:%s:iam::aws:policy/AmazonEKSServicePolicy", join("", data.aws_partition.current.*.partition))
   role       = join("", aws_iam_role.default.*.name)
 }