fix: Replace Karpenter SQS policy dynamic service princpal DNS suffix…

…es with static `amazonaws.com` (#2941) fix: Replace dynamic service princpal DNS suffixes with static `amazonaws.com`
terraform-aws-modules · Feb 21, 2024 · 081c762 · 081c762
1 parent d63fd61
commit 081c762
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 4 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
  - repo: https://github.com/antonbabenko/pre-commit-terraform
- rev: v1.86.0
+ rev: v1.87.1
  hooks:
  - id: terraform_fmt
  - id: terraform_validate

diff --git a/modules/karpenter/main.tf b/modules/karpenter/main.tf
@@ -4,7 +4,6 @@ data "aws_caller_identity" "current" {}
 
 locals {
  account_id = data.aws_caller_identity.current.account_id
- dns_suffix = data.aws_partition.current.dns_suffix
  partition = data.aws_partition.current.partition
  region = data.aws_region.current.name
 }
@@ -445,8 +444,8 @@ data "aws_iam_policy_document" "queue" {
  principals {
  type = "Service"
  identifiers = [
- "events.${local.dns_suffix}",
- "sqs.${local.dns_suffix}",
+ "events.amazonaws.com",
+ "sqs.amazonaws.com",
  ]
  }
  }