Skip to content

Commit fca8f22

Browse files
zxkanezxkane
committed
Make aws partition as variable to support aws cn or gov.
1 parent c76192a commit fca8f22

File tree

1 file changed

+6
-6
lines changed

1 file changed

+6
-6
lines changed

template.yaml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -59,12 +59,12 @@ Resources:
5959
Action:
6060
- s3:ListBucket
6161
- s3:GetBucketLocation
62-
Resource: !Sub "arn:aws:s3:::${ResourcePrefix}-${AWS::AccountId}-cf-access-logs"
62+
Resource: !Sub "arn:${AWS::Partition}:s3:::${ResourcePrefix}-${AWS::AccountId}-cf-access-logs"
6363
- Effect: Allow
6464
Action:
6565
- s3:PutObject
6666
- s3:GetObject
67-
Resource: !Sub "arn:aws:s3:::${ResourcePrefix}-${AWS::AccountId}-cf-access-logs/*"
67+
Resource: !Sub "arn:${AWS::Partition}:s3:::${ResourcePrefix}-${AWS::AccountId}-cf-access-logs/*"
6868
- Effect: Allow
6969
Action:
7070
- glue:CreatePartition
@@ -107,11 +107,11 @@ Resources:
107107
Action:
108108
- s3:ListBucket
109109
- s3:GetBucketLocation
110-
Resource: !Sub "arn:aws:s3:::${ResourcePrefix}-${AWS::AccountId}-cf-access-logs"
110+
Resource: !Sub "arn:${AWS::Partition}:s3:::${ResourcePrefix}-${AWS::AccountId}-cf-access-logs"
111111
- Effect: Allow
112112
Action:
113113
- s3:PutObject
114-
Resource: !Sub "arn:aws:s3:::${ResourcePrefix}-${AWS::AccountId}-cf-access-logs/*"
114+
Resource: !Sub "arn:${AWS::Partition}:s3:::${ResourcePrefix}-${AWS::AccountId}-cf-access-logs/*"
115115
- Effect: Allow
116116
Action:
117117
- glue:CreatePartition
@@ -143,11 +143,11 @@ Resources:
143143
Action:
144144
- s3:GetObject
145145
- s3:DeleteObject
146-
Resource: !Sub "arn:aws:s3:::${ResourcePrefix}-${AWS::AccountId}-cf-access-logs/${NewKeyPrefix}*"
146+
Resource: !Sub "arn:${AWS::Partition}:s3:::${ResourcePrefix}-${AWS::AccountId}-cf-access-logs/${NewKeyPrefix}*"
147147
- Effect: Allow
148148
Action:
149149
- s3:PutObject
150-
Resource: !Sub "arn:aws:s3:::${ResourcePrefix}-${AWS::AccountId}-cf-access-logs/${GzKeyPrefix}*"
150+
Resource: !Sub "arn:${AWS::Partition}:s3:::${ResourcePrefix}-${AWS::AccountId}-cf-access-logs/${GzKeyPrefix}*"
151151
Environment:
152152
Variables:
153153
TARGET_KEY_PREFIX: !Ref GzKeyPrefix

0 commit comments

Comments
 (0)