From 3bb355aa7c5821ed743cc848c336c9cdaea23024 Mon Sep 17 00:00:00 2001
From: Rob Wright <robert.wright@tylertech.com>
Date: Tue, 4 Mar 2025 18:35:09 -0500
Subject: [PATCH] Add aws_partition data source.

---
 logs_monitoring_cloudwatch_log.tf | 4 ++--
 logs_monitoring_elb.tf            | 2 +-
 main.tf                           | 4 +++-
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/logs_monitoring_cloudwatch_log.tf b/logs_monitoring_cloudwatch_log.tf
index 5a82447..37c3dfd 100644
--- a/logs_monitoring_cloudwatch_log.tf
+++ b/logs_monitoring_cloudwatch_log.tf
@@ -14,6 +14,6 @@ resource "aws_lambda_permission" "allow_cloudwatch_logs_to_call_dd_lambda_handle
   function_name = aws_cloudformation_stack.datadog-forwarder.outputs.DatadogForwarderArn
   principal     = "logs.${var.aws_region}.amazonaws.com"
   source_arn = (length(var.log_group_prefixes) > 0 ?
-    "arn:aws:logs:${var.aws_region}:${var.aws_account_id}:log-group:${each.value}*" :
-  "arn:aws:logs:${var.aws_region}:${var.aws_account_id}:log-group:${each.value}:*")
+    "arn:${data.aws_partition.current.partition}:logs:${var.aws_region}:${var.aws_account_id}:log-group:${each.value}*" :
+    "arn:${data.aws_partition.current.partition}:logs:${var.aws_region}:${var.aws_account_id}:log-group:${each.value}:*")
 }
diff --git a/logs_monitoring_elb.tf b/logs_monitoring_elb.tf
index af06621..237d376 100644
--- a/logs_monitoring_elb.tf
+++ b/logs_monitoring_elb.tf
@@ -31,7 +31,7 @@ data "aws_iam_policy_document" "elb_logs" {
       "s3:PutObject"
     ]
     resources = [
-      "arn:aws:s3:::${local.elb_logs_s3_bucket}/*",
+      "arn:${data.aws_partition.current.partition}:s3:::${local.elb_logs_s3_bucket}/*",
     ]
     principals {
       type        = "AWS"
diff --git a/main.tf b/main.tf
index 0888560..59906e9 100644
--- a/main.tf
+++ b/main.tf
@@ -1,5 +1,7 @@
 ## This tf file will setup Datadog AWS integration
 
+data "aws_partition" "current" {}
+
 resource "datadog_integration_aws" "core" {
   count      = var.enable_datadog_aws_integration ? 1 : 0
   account_id = var.aws_account_id
@@ -26,7 +28,7 @@ resource "aws_iam_role" "datadog-integration" {
     {
       "Effect": "Allow",
       "Principal": {
-        "AWS": "arn:aws:iam::464622532012:root"
+        "AWS": "arn:${data.aws_partition.current.partition}:iam::464622532012:root"
       },
       "Action": "sts:AssumeRole",
       "Condition": {