File tree Expand file tree Collapse file tree 2 files changed +11
-3
lines changed Expand file tree Collapse file tree 2 files changed +11
-3
lines changed Original file line number Diff line number Diff line change @@ -8,7 +8,7 @@ data "aws_iam_policy_document" "assume_role" {
88
99 principals {
1010 type = " Federated"
11- identifiers = " arn:aws :iam::${ local . account_id } :oidc-provider/${ var . openid_connect_provider_uri } "
11+ identifiers = " ${ var . arn_preffix } :iam::${ local . account_id } :oidc-provider/${ var . openid_connect_provider_uri } "
1212 }
1313
1414 condition {
@@ -44,7 +44,7 @@ data "aws_iam_policy_document" "policy" {
4444 " s3:ListBucket"
4545 ]
4646
47- resources = " arn:aws :s3:::${ var . bucket } "
47+ resources = " ${ var . arn_preffix } :s3:::${ var . bucket } "
4848 }
4949
5050 statement {
@@ -57,7 +57,7 @@ data "aws_iam_policy_document" "policy" {
5757 " s3:AbortMultipartUpload"
5858 " s3:ListMultipartUploadParts"
5959 ]
60- resources = " arn:aws :s3:::${ var . bucket } /velero/*"
60+ resources = " ${ var . arn_preffix } :s3:::${ var . bucket } /velero/*"
6161 }
6262}
6363
Original file line number Diff line number Diff line change @@ -77,3 +77,11 @@ variable "iam_role_name" {
7777 type = string
7878 default = " "
7979}
80+
81+ # Support to govcloud accounts
82+ # https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/using-govcloud-arns.html
83+ variable "arn_preffix" {
84+ description = " Bucket arn preffix, usefull when You use govcloud accounts, for example: arn:aws-us-gov<*>"
85+ type = string
86+ default = " arn:aws"
87+ }
You can’t perform that action at this time.
0 commit comments