From 081c7624a5a4f2b039370ae8eb9ee8e445d01c48 Mon Sep 17 00:00:00 2001
From: Bryant Biggs <bryantbiggs@gmail.com>
Date: Wed, 21 Feb 2024 17:30:49 -0500
Subject: [PATCH] fix: Replace Karpenter SQS policy dynamic service princpal
 DNS suffixes with static `amazonaws.com` (#2941)

fix: Replace dynamic service princpal DNS suffixes with static `amazonaws.com`
---
 .pre-commit-config.yaml   | 2 +-
 modules/karpenter/main.tf | 5 ++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 93900a8..9af61e6 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.86.0
+    rev: v1.87.1
     hooks:
       - id: terraform_fmt
       - id: terraform_validate
diff --git a/modules/karpenter/main.tf b/modules/karpenter/main.tf
index add2795..4d01d77 100644
--- a/modules/karpenter/main.tf
+++ b/modules/karpenter/main.tf
@@ -4,7 +4,6 @@ data "aws_caller_identity" "current" {}
 
 locals {
   account_id = data.aws_caller_identity.current.account_id
-  dns_suffix = data.aws_partition.current.dns_suffix
   partition  = data.aws_partition.current.partition
   region     = data.aws_region.current.name
 }
@@ -445,8 +444,8 @@ data "aws_iam_policy_document" "queue" {
     principals {
       type = "Service"
       identifiers = [
-        "events.${local.dns_suffix}",
-        "sqs.${local.dns_suffix}",
+        "events.amazonaws.com",
+        "sqs.amazonaws.com",
       ]
     }
   }