From 4501349b021f32648784b8ab182973f38c4af3e5 Mon Sep 17 00:00:00 2001
From: William Walker
Date: Tue, 22 Oct 2024 15:40:24 -0500
Subject: [PATCH 1/2] Update example-iam-policy.json wildcard the aws partion field to prevent exclusion of partitions other than `aws`
---
 docs/example-iam-policy.json | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/docs/example-iam-policy.json b/docs/example-iam-policy.json
index 0ab5790470..6c12061455 100644
--- a/docs/example-iam-policy.json
+++ b/docs/example-iam-policy.json
@@ -24,8 +24,8 @@
 "ec2:CreateTags"
 ],
 "Resource": [
- "arn:aws:ec2:*:*:volume/*",
- "arn:aws:ec2:*:*:snapshot/*"
+ "arn:*:ec2:*:*:volume/*",
+ "arn:*:ec2:*:*:snapshot/*"
 ]
 },
 {
@@ -34,8 +34,8 @@
 "ec2:DeleteTags"
 ],
 "Resource": [
- "arn:aws:ec2:*:*:volume/*",
- "arn:aws:ec2:*:*:snapshot/*"
+ "arn:*:ec2:*:*:volume/*",
+ "arn:*:ec2:*:*:snapshot/*"
 ]
 },
 {
@@ -43,7 +43,7 @@
 "Action": [
 "ec2:CreateVolume"
 ],
- "Resource": "arn:aws:ec2:*:*:volume/*",
+ "Resource": "arn:*:ec2:*:*:volume/*",
 "Condition": {
 "StringLike": {
 "aws:RequestTag/ebs.csi.aws.com/cluster": "true"
@@ -55,7 +55,7 @@
 "Action": [
 "ec2:CreateVolume"
 ],
- "Resource": "arn:aws:ec2:*:*:volume/*",
+ "Resource": "arn:*:ec2:*:*:volume/*",
 "Condition": {
 "StringLike": {
 "aws:RequestTag/CSIVolumeName": "*"
@@ -67,7 +67,7 @@
 "Action": [
 "ec2:CreateVolume"
 ],
- "Resource": "arn:aws:ec2:*:*:snapshot/*"
+ "Resource": "arn:*:ec2:*:*:snapshot/*"
 },
 {
 "Effect": "Allow",
From 033cfcd4b648d5187bd87998bc08d62b8400258b Mon Sep 17 00:00:00 2001
From: William Walker
Date: Tue, 22 Oct 2024 15:54:24 -0500
Subject: [PATCH 2/2] Update patch-cluster.yaml
---
 hack/e2e/kops/patch-cluster.yaml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/hack/e2e/kops/patch-cluster.yaml b/hack/e2e/kops/patch-cluster.yaml
index e3c0db2153..291cbaab92 100644
--- a/hack/e2e/kops/patch-cluster.yaml
+++ b/hack/e2e/kops/patch-cluster.yaml
@@ -47,8 +47,8 @@ spec:
 "ec2:CreateTags"
 ],
 "Resource": [
- "arn:aws:ec2:*:*:volume/*",
- "arn:aws:ec2:*:*:snapshot/*"
+ "arn:*:ec2:*:*:volume/*",
+ "arn:*:ec2:*:*:snapshot/*"
 ]
 },
 {
@@ -57,8 +57,8 @@ spec:
 "ec2:DeleteTags"
 ],
 "Resource": [
- "arn:aws:ec2:*:*:volume/*",
- "arn:aws:ec2:*:*:snapshot/*"
+ "arn:*:ec2:*:*:volume/*",
+ "arn:*:ec2:*:*:snapshot/*"
 ]
 },
 {
@@ -66,7 +66,7 @@ spec:
 "Action": [
 "ec2:CreateVolume"
 ],
- "Resource": "arn:aws:ec2:*:*:volume/*",
+ "Resource": "arn:*:ec2:*:*:volume/*",
 "Condition": {
 "StringLike": {
 "aws:RequestTag/ebs.csi.aws.com/cluster": "true"
@@ -78,7 +78,7 @@ spec:
 "Action": [
 "ec2:CreateVolume"
 ],
- "Resource": "arn:aws:ec2:*:*:volume/*",
+ "Resource": "arn:*:ec2:*:*:volume/*",
 "Condition": {
 "StringLike": {
 "aws:RequestTag/CSIVolumeName": "*"
@@ -90,7 +90,7 @@ spec:
 "Action": [
 "ec2:CreateVolume"
 ],
- "Resource": "arn:aws:ec2:*:*:snapshot/*"
+ "Resource": "arn:*:ec2:*:*:snapshot/*"
 },
 {
 "Effect": "Allow",
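Review bot: The `Resource` rewrites in all five hunks of hack/e2e/kops/patch-cluster.yaml repeat, line for line, the ones made to docs/example-iam-policy.json in patch 1/2, so the published example policy and the policy the kops e2e cluster actually runs with stay aligned only by hand-mirrored edits. A CI check that compares the two statement lists would keep the documented permissions from drifting away from the tested ones. On scope: only the partition field changes (`arn:aws:` to `arn:*:`), and region and account were already `*`, so the grant inside any single partition should be no wider than before; a YAML comment above the policy in patch-cluster.yaml, such as `# partition is wildcarded so the policy also matches aws-cn and aws-us-gov ARNs`, would record that this is intentional for readers who want to pin it. Each statement starts or ends outside its hunk, so `Condition` blocks other than the two visible `aws:RequestTag` ones were not reviewed.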