Skip to content

Commit 0799b46

Browse files
fl0gefl0ge
authored
[Logs forwarder] update AWS CF template for AWS China (DataDog#863)
1 parent 627343c commit 0799b46

File tree

1 file changed

+10
-10
lines changed

1 file changed

+10
-10
lines changed

aws/logs_monitoring/template.yaml

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -552,8 +552,8 @@ Resources:
552552
Service:
553553
- lambda.amazonaws.com
554554
ManagedPolicyArns:
555-
- arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
556-
- arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole
555+
- !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
556+
- !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
557557
PermissionsBoundary: !If
558558
- SetPermissionsBoundary
559559
- !Ref PermissionsBoundaryArn
@@ -574,7 +574,7 @@ Resources:
574574
- !If
575575
- CreateS3Bucket
576576
- !Sub "${ForwarderBucket.Arn}/*"
577-
- !Sub "arn:aws:s3:::${DdForwarderExistingBucketName}/*"
577+
- !Sub "arn:${AWS::Partition}:s3:::${DdForwarderExistingBucketName}/*"
578578
Effect: Allow
579579
- !Ref AWS::NoValue
580580
- !If
@@ -587,7 +587,7 @@ Resources:
587587
- !If
588588
- CreateS3Bucket
589589
- !GetAtt ForwarderBucket.Arn
590-
- !Sub "arn:aws:s3:::${DdForwarderExistingBucketName}"
590+
- !Sub "arn:${AWS::Partition}:s3:::${DdForwarderExistingBucketName}"
591591
Condition:
592592
StringLike:
593593
s3:prefix:
@@ -661,7 +661,7 @@ Resources:
661661
- "logs.amazonaws.com.cn"
662662
- "logs.amazonaws.com"
663663
SourceAccount: !Ref "AWS::AccountId"
664-
SourceArn: !Sub "arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:*:*"
664+
SourceArn: !Sub "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:*:*"
665665
S3Permission:
666666
Type: AWS::Lambda::Permission
667667
Properties:
@@ -772,7 +772,7 @@ Resources:
772772
Description: Copies Datadog Forwarder zip to the destination S3 bucket
773773
Handler: index.handler
774774
Runtime: python3.11
775-
Timeout: 300
775+
Timeout: 600
776776
Code:
777777
ZipFile: |
778778
import json
@@ -859,8 +859,8 @@ Resources:
859859
Service:
860860
- lambda.amazonaws.com
861861
ManagedPolicyArns:
862-
- arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
863-
- arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole
862+
- !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
863+
- !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
864864
PermissionsBoundary: !If
865865
- SetPermissionsBoundary
866866
- !Ref PermissionsBoundaryArn
@@ -878,15 +878,15 @@ Resources:
878878
- !If
879879
- CreateS3Bucket
880880
- !Sub "${ForwarderBucket.Arn}/*"
881-
- !Sub "arn:aws:s3:::${DdForwarderExistingBucketName}/*"
881+
- !Sub "arn:${AWS::Partition}:s3:::${DdForwarderExistingBucketName}/*"
882882
- Effect: Allow
883883
Action:
884884
- s3:ListBucket
885885
Resource:
886886
- !If
887887
- CreateS3Bucket
888888
- !GetAtt "ForwarderBucket.Arn"
889-
- !Sub "arn:aws:s3:::${DdForwarderExistingBucketName}"
889+
- !Sub "arn:${AWS::Partition}:s3:::${DdForwarderExistingBucketName}"
890890
- !If
891891
- SetS3SourceZip
892892
- Effect: Allow

0 commit comments

Comments
 (0)