Fix aws-samples#16 by adding trust entity maps for regions

henrysher · Dec 30, 2017 · 22d25c8 · 22d25c8
1 parent 9b02651
commit 22d25c8
Showing 1 changed file with 35 additions and 1 deletion.
diff --git a/cform/ecs.yaml b/cform/ecs.yaml
@@ -118,6 +118,40 @@ Parameters:
       - sc1
       - st1
     ConstraintDescription: Must be a valid EC2 volume type.
+Mappings:
+  TrustEntityMaps:
+    cn-north-1:
+      "autoscaling": "autoscaling.amazonaws.com.cn"
+    us-east-1:
+      "autoscaling": "autoscaling.amazonaws.com"
+    us-east-2:
+      "autoscaling": "autoscaling.amazonaws.com"
+    us-west-1:
+      "autoscaling": "autoscaling.amazonaws.com"
+    us-west-2:
+      "autoscaling": "autoscaling.amazonaws.com"
+    ap-south-1:
+      "autoscaling": "autoscaling.amazonaws.com"
+    ap-northeast-1:
+      "autoscaling": "autoscaling.amazonaws.com"
+    ap-northeast-2:
+      "autoscaling": "autoscaling.amazonaws.com"
+    ap-southeast-1:
+      "autoscaling": "autoscaling.amazonaws.com"
+    ap-southeast-2:
+      "autoscaling": "autoscaling.amazonaws.com"
+    ca-central-1:
+      "autoscaling": "autoscaling.amazonaws.com"
+    eu-central-1:
+      "autoscaling": "autoscaling.amazonaws.com"
+    eu-west-1:
+      "autoscaling": "autoscaling.amazonaws.com"
+    eu-west-2:
+      "autoscaling": "autoscaling.amazonaws.com"
+    eu-west-3:
+      "autoscaling": "autoscaling.amazonaws.com"
+    sa-east-1:
+      "autoscaling": "autoscaling.amazonaws.com"
 Conditions:
   CreateEC2LCWithKeyPair:
     !Not [!Equals [!Ref KeyName, '']]
@@ -363,7 +397,7 @@ Resources:
             Effect: "Allow"
             Principal:
               Service:
-                - "autoscaling.amazonaws.com"
+                - !FindInMap [AutoScalingTrustEntityMaps, !Ref "AWS::Region", "autoscaling"]
             Action:
               - "sts:AssumeRole"
       ManagedPolicyArns: