(codedeploy): Incorrect codedeploy service principal for isolated regions #19399
Description
General Issue
Incorrect CodeDeploy service principal for isolated regions (us-iso-east-1 and us-isob-east-1).
The Question
Code deploy service role is being set to codedeploy.us-isob-east-1.amazonaws.com and codedeploy.us-iso-east-1.amazonaws.com for LCK and DCA regions.
It should be codedeploy.amazonaws.com.
Output we are getting:
"ApiLambdaCodeDeployDeploymentDeploymentGroupServiceRole45D217E3": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": "codedeploy.us-isob-east-1.amazonaws.com"
}
}
],
"Version": "2012-10-17"
},
"ManagedPolicyArns": [
{
"Fn::Join": [
"",
[
"arn:",
{
"Ref": "AWS::Partition"
},
":iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited"
]
]
}
]
},
"Metadata": {
"aws:cdk:path": "GammaLCK/ApiLambda/CodeDeployDeployment/DeploymentGroup/ServiceRole/Resource"
}
},CDK CLI Version
2.10.0 (build e5b301f)
Framework Version
No response
Node.js Version
No response
OS
No response
Language
Typescript
Language Version
No response
Other information
No response