Replace hardcoded partition with data resource to support aws-cn and aws-gov (#71)

Author: vladislav-orlovskiy

README.md

@@ -194,6 +194,7 @@ No modules.
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_iam_policy_document.dlq](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_iam_policy_document.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 
 ## Inputs

examples/complete/README.md

@@ -55,6 +55,7 @@ Note that this example may create resources which cost money. Run `terraform des
 |------|------|
 | [aws_kms_key.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
 
 ## Inputs
 

examples/complete/main.tf

@@ -4,6 +4,8 @@ provider "aws" {
 
 data "aws_caller_identity" "current" {}
 
+data "aws_partition" "current" {}
+
 locals {
   name   = "ex-${basename(path.cwd)}"
   region = "eu-west-1"
@@ -125,7 +127,7 @@ module "sqs_with_dlq" {
       principals = [
         {
           type        = "AWS"
-          identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
+          identifiers = ["arn:${data.aws_partition.current.partition}:iam::${data.aws_caller_identity.current.account_id}:root"]
         }
       ]
     }
@@ -152,7 +154,7 @@ module "sqs_with_dlq" {
       principals = [
         {
           type        = "AWS"
-          identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
+          identifiers = ["arn:${data.aws_partition.current.partition}:iam::${data.aws_caller_identity.current.account_id}:root"]
         }
       ]
     }

main.tf

@@ -2,6 +2,8 @@ data "aws_region" "current" {}
 
 data "aws_caller_identity" "current" {}
 
+data "aws_partition" "current" {}
+
 ################################################################################
 # Queue
 ################################################################################

outputs.tf

@@ -14,7 +14,7 @@ output "queue_arn" {
 
 output "queue_arn_static" {
   description = "The ARN of the SQS queue. Use this to avoid cycle errors between resources (e.g., Step Functions)"
-  value       = var.create && !var.use_name_prefix ? "arn:aws:sqs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:${local.name}" : ""
+  value       = var.create && !var.use_name_prefix ? "arn:${data.aws_partition.current.partition}:sqs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:${local.name}" : ""
 }
 
 output "queue_url" {
@@ -43,7 +43,7 @@ output "dead_letter_queue_arn" {
 
 output "dead_letter_queue_arn_static" {
   description = "The ARN of the SQS queue. Use this to avoid cycle errors between resources (e.g., Step Functions)"
-  value       = var.create && var.create_dlq && !var.use_name_prefix ? "arn:aws:sqs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:${local.dlq_name}" : ""
+  value       = var.create && var.create_dlq && !var.use_name_prefix ? "arn:${data.aws_partition.current.partition}:sqs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:${local.dlq_name}" : ""
 }
 
 output "dead_letter_queue_url" {