diff --git a/athena-aws-cmdb/athena-aws-cmdb-connection.yaml b/athena-aws-cmdb/athena-aws-cmdb-connection.yaml index bea006e174..f230d89cba 100644 --- a/athena-aws-cmdb/athena-aws-cmdb-connection.yaml +++ b/athena-aws-cmdb/athena-aws-cmdb-connection.yaml @@ -61,7 +61,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -137,6 +137,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-clickhouse/athena-clickhouse.yaml b/athena-clickhouse/athena-clickhouse.yaml index 8f65ef1018..f13f5a9329 100644 --- a/athena-clickhouse/athena-clickhouse.yaml +++ b/athena-clickhouse/athena-clickhouse.yaml @@ -89,7 +89,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: diff --git a/athena-cloudera-hive/athena-cloudera-hive-connection.yaml b/athena-cloudera-hive/athena-cloudera-hive-connection.yaml index 29fa4f5d2e..012ef6a1cc 100644 --- a/athena-cloudera-hive/athena-cloudera-hive-connection.yaml +++ b/athena-cloudera-hive/athena-cloudera-hive-connection.yaml @@ -73,7 +73,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -160,6 +160,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-cloudera-impala/athena-cloudera-impala-connection.yaml b/athena-cloudera-impala/athena-cloudera-impala-connection.yaml index 6c40c72087..d851eea6a3 100644 --- a/athena-cloudera-impala/athena-cloudera-impala-connection.yaml +++ b/athena-cloudera-impala/athena-cloudera-impala-connection.yaml @@ -73,7 +73,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -160,6 +160,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole diff --git a/athena-cloudwatch-metrics/athena-cloudwatch-metrics-connection.yaml b/athena-cloudwatch-metrics/athena-cloudwatch-metrics-connection.yaml index 1cf557a0fa..f727304fac 100644 --- a/athena-cloudwatch-metrics/athena-cloudwatch-metrics-connection.yaml +++ b/athena-cloudwatch-metrics/athena-cloudwatch-metrics-connection.yaml @@ -61,7 +61,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -131,6 +131,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-cloudwatch/athena-cloudwatch-connection.yaml b/athena-cloudwatch/athena-cloudwatch-connection.yaml index b2bab240ef..889641c8a3 100644 --- a/athena-cloudwatch/athena-cloudwatch-connection.yaml +++ b/athena-cloudwatch/athena-cloudwatch-connection.yaml @@ -61,7 +61,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -135,6 +135,6 @@ Resources: - Action: - kms:GenerateDataKey Effect: Allow - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole diff --git a/athena-cloudwatch/athena-cloudwatch.yaml b/athena-cloudwatch/athena-cloudwatch.yaml index 860dbf9c5d..acda1caf3f 100644 --- a/athena-cloudwatch/athena-cloudwatch.yaml +++ b/athena-cloudwatch/athena-cloudwatch.yaml @@ -82,7 +82,7 @@ Resources: Properties: PermissionsBoundary: !If [ HasPermissionsBoundary, !Ref PermissionsBoundaryARN, !Ref "AWS::NoValue" ] ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -150,6 +150,6 @@ Resources: - Action: - kms:GenerateDataKey Effect: Allow - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KMSKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KMSKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-datalakegen2/athena-datalakegen2-connection.yaml b/athena-datalakegen2/athena-datalakegen2-connection.yaml index 875093bae6..e070afcc3d 100644 --- a/athena-datalakegen2/athena-datalakegen2-connection.yaml +++ b/athena-datalakegen2/athena-datalakegen2-connection.yaml @@ -81,7 +81,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -168,6 +168,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-db2-as400/athena-db2-as400-connection.yaml b/athena-db2-as400/athena-db2-as400-connection.yaml index 1f245c8491..23181fde0c 100644 --- a/athena-db2-as400/athena-db2-as400-connection.yaml +++ b/athena-db2-as400/athena-db2-as400-connection.yaml @@ -82,7 +82,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -169,6 +169,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-db2/athena-db2-connection.yaml b/athena-db2/athena-db2-connection.yaml index 34ad745ff1..34a8a52f6c 100644 --- a/athena-db2/athena-db2-connection.yaml +++ b/athena-db2/athena-db2-connection.yaml @@ -82,7 +82,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -169,6 +169,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-docdb/athena-docdb-connection.yaml b/athena-docdb/athena-docdb-connection.yaml index 1f1d6e0841..9e7046b519 100644 --- a/athena-docdb/athena-docdb-connection.yaml +++ b/athena-docdb/athena-docdb-connection.yaml @@ -73,7 +73,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -159,6 +159,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-dynamodb/athena-dynamodb-connection.yaml b/athena-dynamodb/athena-dynamodb-connection.yaml index 600bb49697..0e29751bd1 100644 --- a/athena-dynamodb/athena-dynamodb-connection.yaml +++ b/athena-dynamodb/athena-dynamodb-connection.yaml @@ -61,7 +61,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -142,6 +142,6 @@ Resources: - Action: - kms:GenerateDataKey Effect: Allow - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole diff --git a/athena-dynamodb/athena-dynamodb.yaml b/athena-dynamodb/athena-dynamodb.yaml index 366fcd85cd..5295d80bc4 100644 --- a/athena-dynamodb/athena-dynamodb.yaml +++ b/athena-dynamodb/athena-dynamodb.yaml @@ -82,7 +82,7 @@ Resources: Properties: PermissionsBoundary: !If [ HasPermissionsBoundary, !Ref PermissionsBoundaryARN, !Ref "AWS::NoValue" ] ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -156,6 +156,6 @@ Resources: - Action: - kms:GenerateDataKey Effect: Allow - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KMSKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KMSKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-elasticsearch/athena-elasticsearch-connection.yaml b/athena-elasticsearch/athena-elasticsearch-connection.yaml index e2c051882f..49dab40e1b 100644 --- a/athena-elasticsearch/athena-elasticsearch-connection.yaml +++ b/athena-elasticsearch/athena-elasticsearch-connection.yaml @@ -81,7 +81,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -170,6 +170,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-gcs/athena-gcs-connection.yaml b/athena-gcs/athena-gcs-connection.yaml index 304e998c88..15e4abc3de 100644 --- a/athena-gcs/athena-gcs-connection.yaml +++ b/athena-gcs/athena-gcs-connection.yaml @@ -65,7 +65,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -149,6 +149,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-google-bigquery/athena-google-bigquery-connection.yaml b/athena-google-bigquery/athena-google-bigquery-connection.yaml index 3105bed256..27b59585db 100644 --- a/athena-google-bigquery/athena-google-bigquery-connection.yaml +++ b/athena-google-bigquery/athena-google-bigquery-connection.yaml @@ -80,7 +80,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -167,6 +167,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-hbase/athena-hbase-connection.yaml b/athena-hbase/athena-hbase-connection.yaml index e950f7e16d..a10ec78eda 100644 --- a/athena-hbase/athena-hbase-connection.yaml +++ b/athena-hbase/athena-hbase-connection.yaml @@ -73,7 +73,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -159,6 +159,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-hortonworks-hive/athena-hortonworks-hive-connection.yaml b/athena-hortonworks-hive/athena-hortonworks-hive-connection.yaml index 9c92230e5a..53072ad989 100644 --- a/athena-hortonworks-hive/athena-hortonworks-hive-connection.yaml +++ b/athena-hortonworks-hive/athena-hortonworks-hive-connection.yaml @@ -79,7 +79,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -166,6 +166,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-kafka/athena-kafka.yaml b/athena-kafka/athena-kafka.yaml index 2479b64225..16e68ed6e3 100644 --- a/athena-kafka/athena-kafka.yaml +++ b/athena-kafka/athena-kafka.yaml @@ -120,7 +120,7 @@ Resources: Properties: PermissionsBoundary: !If [ HasPermissionsBoundary, !Ref PermissionsBoundaryARN, !Ref "AWS::NoValue" ] ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: diff --git a/athena-msk/athena-msk-connection.yaml b/athena-msk/athena-msk-connection.yaml index d8649830a0..cedaa19f94 100644 --- a/athena-msk/athena-msk-connection.yaml +++ b/athena-msk/athena-msk-connection.yaml @@ -79,7 +79,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -158,6 +158,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-msk/athena-msk.yaml b/athena-msk/athena-msk.yaml index f04269c75f..078aa9ea41 100644 --- a/athena-msk/athena-msk.yaml +++ b/athena-msk/athena-msk.yaml @@ -115,7 +115,7 @@ Resources: Properties: PermissionsBoundary: !If [ HasPermissionsBoundary, !Ref PermissionsBoundaryARN, !Ref "AWS::NoValue" ] ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: diff --git a/athena-mysql/athena-mysql-connection.yaml b/athena-mysql/athena-mysql-connection.yaml index 68cb803e91..e7bca23ec5 100644 --- a/athena-mysql/athena-mysql-connection.yaml +++ b/athena-mysql/athena-mysql-connection.yaml @@ -75,7 +75,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -162,6 +162,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole diff --git a/athena-mysql/athena-mysql.yaml b/athena-mysql/athena-mysql.yaml index c657e41e64..44c2c100b1 100644 --- a/athena-mysql/athena-mysql.yaml +++ b/athena-mysql/athena-mysql.yaml @@ -91,7 +91,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: diff --git a/athena-neptune/athena-neptune-connection.yaml b/athena-neptune/athena-neptune-connection.yaml index f0d7e098e8..260fd70180 100644 --- a/athena-neptune/athena-neptune-connection.yaml +++ b/athena-neptune/athena-neptune-connection.yaml @@ -76,7 +76,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -163,6 +163,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-oracle/athena-oracle-connection.yaml b/athena-oracle/athena-oracle-connection.yaml index 871f1624b0..5111b88fcf 100644 --- a/athena-oracle/athena-oracle-connection.yaml +++ b/athena-oracle/athena-oracle-connection.yaml @@ -77,7 +77,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -164,6 +164,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-oracle/athena-oracle.yaml b/athena-oracle/athena-oracle.yaml index 6badf23d43..137633c2cd 100644 --- a/athena-oracle/athena-oracle.yaml +++ b/athena-oracle/athena-oracle.yaml @@ -104,7 +104,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: diff --git a/athena-postgresql/athena-postgresql-connection.yaml b/athena-postgresql/athena-postgresql-connection.yaml index 79b3cb38c8..db196237a6 100644 --- a/athena-postgresql/athena-postgresql-connection.yaml +++ b/athena-postgresql/athena-postgresql-connection.yaml @@ -84,7 +84,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -171,6 +171,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-postgresql/athena-postgresql.yaml b/athena-postgresql/athena-postgresql.yaml index 79d2013130..13b582deb5 100644 --- a/athena-postgresql/athena-postgresql.yaml +++ b/athena-postgresql/athena-postgresql.yaml @@ -103,7 +103,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: diff --git a/athena-redis/athena-redis-connection.yaml b/athena-redis/athena-redis-connection.yaml index adf5552f00..a86e69f9e1 100644 --- a/athena-redis/athena-redis-connection.yaml +++ b/athena-redis/athena-redis-connection.yaml @@ -71,7 +71,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -157,6 +157,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-redshift/athena-redshift-connection.yaml b/athena-redshift/athena-redshift-connection.yaml index 9c63a6ffde..dfeb3b9410 100644 --- a/athena-redshift/athena-redshift-connection.yaml +++ b/athena-redshift/athena-redshift-connection.yaml @@ -73,7 +73,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -151,6 +151,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole diff --git a/athena-redshift/athena-redshift.yaml b/athena-redshift/athena-redshift.yaml index b395ce646f..46d37e9216 100644 --- a/athena-redshift/athena-redshift.yaml +++ b/athena-redshift/athena-redshift.yaml @@ -101,7 +101,7 @@ Resources: Properties: PermissionsBoundary: !If [ HasPermissionsBoundary, !Ref PermissionsBoundaryARN, !Ref "AWS::NoValue" ] ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -167,6 +167,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KMSKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KMSKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-saphana/athena-saphana-connection.yaml b/athena-saphana/athena-saphana-connection.yaml index 7a58a1a271..e56478fa3c 100644 --- a/athena-saphana/athena-saphana-connection.yaml +++ b/athena-saphana/athena-saphana-connection.yaml @@ -79,7 +79,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -166,6 +166,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole diff --git a/athena-snowflake/athena-snowflake-connection.yaml b/athena-snowflake/athena-snowflake-connection.yaml index af2d35782e..e7261f178d 100644 --- a/athena-snowflake/athena-snowflake-connection.yaml +++ b/athena-snowflake/athena-snowflake-connection.yaml @@ -79,7 +79,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -166,6 +166,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-sqlserver/athena-sqlserver-connection.yaml b/athena-sqlserver/athena-sqlserver-connection.yaml index 54ba72b3a8..a4468f7497 100644 --- a/athena-sqlserver/athena-sqlserver-connection.yaml +++ b/athena-sqlserver/athena-sqlserver-connection.yaml @@ -78,7 +78,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -164,6 +164,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole diff --git a/athena-sqlserver/athena-sqlserver.yaml b/athena-sqlserver/athena-sqlserver.yaml index 4aa9804b16..5fcdc9021c 100644 --- a/athena-sqlserver/athena-sqlserver.yaml +++ b/athena-sqlserver/athena-sqlserver.yaml @@ -97,7 +97,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: diff --git a/athena-synapse/athena-synapse-connection.yaml b/athena-synapse/athena-synapse-connection.yaml index 56645fd176..b255b10d41 100644 --- a/athena-synapse/athena-synapse-connection.yaml +++ b/athena-synapse/athena-synapse-connection.yaml @@ -81,7 +81,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -169,6 +169,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole diff --git a/athena-synapse/athena-synapse.yaml b/athena-synapse/athena-synapse.yaml index 1c524545f8..4f4602d7df 100644 --- a/athena-synapse/athena-synapse.yaml +++ b/athena-synapse/athena-synapse.yaml @@ -103,7 +103,7 @@ Resources: - Ref: PermissionsBoundaryARN - Ref: AWS::NoValue ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: diff --git a/athena-teradata/athena-teradata-connection.yaml b/athena-teradata/athena-teradata-connection.yaml index dcdc786e9c..b274b617d4 100644 --- a/athena-teradata/athena-teradata-connection.yaml +++ b/athena-teradata/athena-teradata-connection.yaml @@ -77,7 +77,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -164,6 +164,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-timestream/athena-timestream-connection.yaml b/athena-timestream/athena-timestream-connection.yaml index 288cbfea47..4f5977e487 100644 --- a/athena-timestream/athena-timestream-connection.yaml +++ b/athena-timestream/athena-timestream-connection.yaml @@ -59,7 +59,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -137,6 +137,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-tpcds/athena-tpcds-connection.yaml b/athena-tpcds/athena-tpcds-connection.yaml index 6bc7d694b9..d636921ebe 100644 --- a/athena-tpcds/athena-tpcds-connection.yaml +++ b/athena-tpcds/athena-tpcds-connection.yaml @@ -61,7 +61,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -128,6 +128,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file diff --git a/athena-vertica/athena-vertica-connection.yaml b/athena-vertica/athena-vertica-connection.yaml index 502c3ac451..3ee2b514eb 100644 --- a/athena-vertica/athena-vertica-connection.yaml +++ b/athena-vertica/athena-vertica-connection.yaml @@ -80,7 +80,7 @@ Resources: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" AssumeRolePolicyDocument: Version: 2012-10-17 Statement: @@ -172,6 +172,6 @@ Resources: - Effect: Allow Action: - kms:GenerateDataKey - Resource: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" + Resource: !Sub "arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:key/${KmsKeyId}" Roles: - !Ref FunctionRole \ No newline at end of file