From f2d67ffa97cc0f9827f75673b1cd263e3a5062b6 Mon Sep 17 00:00:00 2001
From: Ian Lunam <ilunam@canva.com>
Date: Wed, 20 Jul 2022 23:01:07 +1200
Subject: [PATCH] fix: Use partition data source on VPC CNI IPv6 policy (#2161)

---
 node_groups.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/node_groups.tf b/node_groups.tf
index ca51f32..402191f 100644
--- a/node_groups.tf
+++ b/node_groups.tf
@@ -30,7 +30,7 @@ data "aws_iam_policy_document" "cni_ipv6_policy" {
   statement {
     sid       = "CreateTags"
     actions   = ["ec2:CreateTags"]
-    resources = ["arn:aws:ec2:*:*:network-interface/*"]
+    resources = ["arn:${data.aws_partition.current.partition}:ec2:*:*:network-interface/*"]
   }
 }