Update cloudmock and integration test inputs to use aws-test partition

2021-10-29 15:44:27 -05:00 · 2021-10-29 15:44:27 -05:00 · 5d82ce0b5f
parent c09e3984fc
commit 5d82ce0b5f
25 changed files with 64 additions and 64 deletions
--- a/cloudmock/aws/mockelbv2/loadbalancers.go
+++ b/cloudmock/aws/mockelbv2/loadbalancers.go
@ -113,7 +113,7 @@ func (m *MockELBV2) CreateLoadBalancer(request *elbv2.CreateLoadBalancerInput) (
 	lb.VpcId = aws.String("vpc-1")

 	m.lbCount++
-	arn := fmt.Sprintf("arn:aws:elasticloadbalancing:us-test-1:000000000000:loadbalancer/net/%v/%v", aws.StringValue(request.Name), m.lbCount)
+	arn := fmt.Sprintf("arn:aws-test:elasticloadbalancing:us-test-1:000000000000:loadbalancer/net/%v/%v", aws.StringValue(request.Name), m.lbCount)

 	lb.LoadBalancerArn = aws.String(arn)

--- a/cloudmock/aws/mockelbv2/targetgroups.go
+++ b/cloudmock/aws/mockelbv2/targetgroups.go
@ -103,7 +103,7 @@ func (m *MockELBV2) CreateTargetGroup(request *elbv2.CreateTargetGroupInput) (*e
 	}

 	m.tgCount++
-	arn := fmt.Sprintf("arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/%v/%v", aws.StringValue(request.Name), m.tgCount)
+	arn := fmt.Sprintf("arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/%v/%v", aws.StringValue(request.Name), m.tgCount)
 	tg.TargetGroupArn = aws.String(arn)

 	if m.TargetGroups == nil {
--- a/cloudmock/aws/mockeventbridge/api.go
+++ b/cloudmock/aws/mockeventbridge/api.go
@ -39,7 +39,7 @@ func (m *MockEventBridge) PutRule(input *eventbridge.PutRuleInput) (*eventbridge
 	defer m.mutex.Unlock()

 	name := *input.Name
-	arn := "arn:aws:events:us-east-1:012345678901:rule/" + name
+	arn := "arn:aws-test:events:us-east-1:012345678901:rule/" + name

 	rule := &eventbridge.Rule{
 		Arn:          &arn,
--- a/cloudmock/aws/mockiam/oidcprovider.go
+++ b/cloudmock/aws/mockiam/oidcprovider.go
@ -84,7 +84,7 @@ func (m *MockIAM) CreateOpenIDConnectProvider(request *iam.CreateOpenIDConnectPr

 	klog.Infof("CreateOpenIDConnectProvider: %v", request)

-	arn := fmt.Sprintf("arn:aws:iam::0000000000:oidc-provider/%s", *request.Url)
+	arn := fmt.Sprintf("arn:aws-test:iam::0000000000:oidc-provider/%s", *request.Url)

 	p := &iam.GetOpenIDConnectProviderOutput{
 		ClientIDList:   request.ClientIDList,
--- a/cloudmock/aws/mocksqs/api.go
+++ b/cloudmock/aws/mocksqs/api.go
@ -56,7 +56,7 @@ func (m *MockSQS) CreateQueue(input *sqs.CreateQueueInput) (*sqs.CreateQueueOutp
 		tags:       input.Tags,
 	}

-	arn := fmt.Sprintf("arn:aws:sqs:us-test-1:000000000000:queue/%v", aws.StringValue(input.QueueName))
+	arn := fmt.Sprintf("arn:aws-test:sqs:us-test-1:000000000000:queue/%v", aws.StringValue(input.QueueName))
 	queue.attributes["QueueArn"] = &arn

 	m.Queues[name] = queue
--- a/tests/integration/update_cluster/complex/cloudformation.json
+++ b/tests/integration/update_cluster/complex/cloudformation.json
@ -274,7 +274,7 @@
                "Throughput": 125,
                "DeleteOnTermination": true,
                "Encrypted": true,
-                "KmsKeyId": "arn:aws:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab"
+                "KmsKeyId": "arn:aws-test:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab"
              }
            },
            {
@ -447,7 +447,7 @@
                "VolumeSize": 20,
                "DeleteOnTermination": true,
                "Encrypted": true,
-                "KmsKeyId": "arn:aws:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab"
+                "KmsKeyId": "arn:aws-test:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab"
              }
            }
          ],
@ -1386,7 +1386,7 @@
      "Properties": {
        "Certificates": [
          {
-            "CertificateArn": "arn:aws:acm:us-test-1:000000000000:certificate/123456789012-1234-1234-1234-12345678"
+            "CertificateArn": "arn:aws-test:acm:us-test-1:000000000000:certificate/123456789012-1234-1234-1234-12345678"
          }
        ],
        "DefaultActions": [
@ -1888,7 +1888,7 @@
          ],
          "Version": "2012-10-17"
        },
-        "PermissionsBoundary": "arn:aws:iam::000000000000:policy/boundaries",
+        "PermissionsBoundary": "arn:aws-test:iam::000000000000:policy/boundaries",
        "Tags": [
          {
            "Key": "KubernetesCluster",
@ -1929,7 +1929,7 @@
          ],
          "Version": "2012-10-17"
        },
-        "PermissionsBoundary": "arn:aws:iam::000000000000:policy/boundaries",
+        "PermissionsBoundary": "arn:aws-test:iam::000000000000:policy/boundaries",
        "Tags": [
          {
            "Key": "KubernetesCluster",
--- a/tests/integration/update_cluster/complex/cluster.overrides.txt
+++ b/tests/integration/update_cluster/complex/cluster.overrides.txt
@ -1,3 +1,3 @@
-spec.api.loadBalancer.sslCertificate=arn:aws:acm:us-east-1:123456789012:certificate/123456789012-1234-1234-1234-12345678
+spec.api.loadBalancer.sslCertificate=arn:aws-test:acm:us-east-1:123456789012:certificate/123456789012-1234-1234-1234-12345678
 ---
 spec.api.loadBalancer.additionalSecurityGroups=sg-123456
--- a/tests/integration/update_cluster/complex/data/aws_s3_bucket_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/complex/data/aws_s3_bucket_object_cluster-completed.spec_content
@ -16,7 +16,7 @@ spec:
      - sg-exampleid6
      class: Network
      crossZoneLoadBalancing: true
-      sslCertificate: arn:aws:acm:us-test-1:000000000000:certificate/123456789012-1234-1234-1234-12345678
+      sslCertificate: arn:aws-test:acm:us-test-1:000000000000:certificate/123456789012-1234-1234-1234-12345678
      sslPolicy: ELBSecurityPolicy-2016-08
      subnets:
      - allocationId: eipalloc-012345a678b9cdefa
@ -62,7 +62,7 @@ spec:
    provider: dns-controller
  iam:
    legacy: false
-    permissionsBoundary: arn:aws:iam::000000000000:policy/boundaries
+    permissionsBoundary: arn:aws-test:iam::000000000000:policy/boundaries
  keyStore: memfs://clusters.example.com/complex.example.com/pki
  kubeAPIServer:
    allowPrivileged: true
--- a/tests/integration/update_cluster/complex/in-legacy-v1alpha2.yaml
+++ b/tests/integration/update_cluster/complex/in-legacy-v1alpha2.yaml
@ -12,7 +12,7 @@ spec:
      - sg-exampleid6
      crossZoneLoadBalancing: true
      class: Network
-      sslCertificate: arn:aws:acm:us-test-1:000000000000:certificate/123456789012-1234-1234-1234-12345678
+      sslCertificate: arn:aws-test:acm:us-test-1:000000000000:certificate/123456789012-1234-1234-1234-12345678
      sslPolicy: ELBSecurityPolicy-2016-08
      subnets:
        - name: us-test-1a
@ -37,7 +37,7 @@ spec:
      name: a
    name: events
  iam:
-    permissionsBoundary: arn:aws:iam::000000000000:policy/boundaries
+    permissionsBoundary: arn:aws-test:iam::000000000000:policy/boundaries
  kubeAPIServer:
    serviceNodePortRange: 28000-32767
    auditWebhookBatchThrottleQps: 3.14
@ -125,7 +125,7 @@ spec:
    size: 20
    type: gp2
    encrypted: true
-    key: arn:aws:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab
+    key: arn:aws-test:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab
  additionalUserData:
  - name: myscript.sh
    type: text/x-shellscript
@ -152,7 +152,7 @@ spec:
  minSize: 1
  role: Master
  rootVolumeEncryption: true
-  rootVolumeEncryptionKey: arn:aws:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab
+  rootVolumeEncryptionKey: arn:aws-test:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab
  subnets:
  - us-test-1a
  instanceMetadata:
--- a/tests/integration/update_cluster/complex/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/complex/in-v1alpha2.yaml
@ -12,7 +12,7 @@ spec:
      - sg-exampleid6
      crossZoneLoadBalancing: true
      class: Network
-      sslCertificate: arn:aws:acm:us-test-1:000000000000:certificate/123456789012-1234-1234-1234-12345678
+      sslCertificate: arn:aws-test:acm:us-test-1:000000000000:certificate/123456789012-1234-1234-1234-12345678
      sslPolicy: ELBSecurityPolicy-2016-08
      subnets:
        - name: us-test-1a
@ -37,7 +37,7 @@ spec:
      name: a
    name: events
  iam:
-    permissionsBoundary: arn:aws:iam::000000000000:policy/boundaries
+    permissionsBoundary: arn:aws-test:iam::000000000000:policy/boundaries
  kubeAPIServer:
    serviceNodePortRange: 28000-32767
    auditWebhookBatchThrottleQps: 3.14
@ -125,7 +125,7 @@ spec:
    size: 20
    type: gp2
    encrypted: true
-    key: arn:aws:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab
+    key: arn:aws-test:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab
  additionalUserData:
  - name: myscript.sh
    type: text/x-shellscript
@ -152,7 +152,7 @@ spec:
  minSize: 1
  role: Master
  rootVolumeEncryption: true
-  rootVolumeEncryptionKey: arn:aws:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab
+  rootVolumeEncryptionKey: arn:aws-test:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab
  subnets:
  - us-test-1a
  instanceMetadata:
--- a/tests/integration/update_cluster/complex/kubernetes.tf
+++ b/tests/integration/update_cluster/complex/kubernetes.tf
@ -302,7 +302,7 @@ resource "aws_iam_instance_profile" "nodes-complex-example-com" {
 resource "aws_iam_role" "masters-complex-example-com" {
  assume_role_policy   = file("${path.module}/data/aws_iam_role_masters.complex.example.com_policy")
  name                 = "masters.complex.example.com"
-  permissions_boundary = "arn:aws:iam::000000000000:policy/boundaries"
+  permissions_boundary = "arn:aws-test:iam::000000000000:policy/boundaries"
  tags = {
    "KubernetesCluster"                         = "complex.example.com"
    "Name"                                      = "masters.complex.example.com"
@ -315,7 +315,7 @@ resource "aws_iam_role" "masters-complex-example-com" {
 resource "aws_iam_role" "nodes-complex-example-com" {
  assume_role_policy   = file("${path.module}/data/aws_iam_role_nodes.complex.example.com_policy")
  name                 = "nodes.complex.example.com"
-  permissions_boundary = "arn:aws:iam::000000000000:policy/boundaries"
+  permissions_boundary = "arn:aws-test:iam::000000000000:policy/boundaries"
  tags = {
    "KubernetesCluster"                         = "complex.example.com"
    "Name"                                      = "nodes.complex.example.com"
@ -355,7 +355,7 @@ resource "aws_launch_template" "master-us-test-1a-masters-complex-example-com" {
      delete_on_termination = true
      encrypted             = true
      iops                  = 3000
-      kms_key_id            = "arn:aws:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab"
+      kms_key_id            = "arn:aws-test:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab"
      throughput            = 125
      volume_size           = 64
      volume_type           = "gp3"
@ -457,7 +457,7 @@ resource "aws_launch_template" "nodes-complex-example-com" {
    ebs {
      delete_on_termination = true
      encrypted             = true
-      kms_key_id            = "arn:aws:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab"
+      kms_key_id            = "arn:aws-test:kms:us-test-1:000000000000:key/1234abcd-12ab-34cd-56ef-1234567890ab"
      volume_size           = 20
      volume_type           = "gp2"
    }
@ -555,7 +555,7 @@ resource "aws_lb" "api-complex-example-com" {
 }

 resource "aws_lb_listener" "api-complex-example-com-443" {
-  certificate_arn = "arn:aws:acm:us-test-1:000000000000:certificate/123456789012-1234-1234-1234-12345678"
+  certificate_arn = "arn:aws-test:acm:us-test-1:000000000000:certificate/123456789012-1234-1234-1234-12345678"
  default_action {
    target_group_arn = aws_lb_target_group.tls-complex-example-com-5nursn.id
    type             = "forward"
--- a/tests/integration/update_cluster/digit/data/aws_s3_bucket_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/digit/data/aws_s3_bucket_object_cluster-completed.spec_content
@ -46,7 +46,7 @@ spec:
    serviceAccountExternalPermissions:
    - aws:
        policyARNs:
-        - arn:aws:iam::123456789012:policy/UsersManageOwnCredentials
+        - arn:aws-test:iam::123456789012:policy/UsersManageOwnCredentials
      name: myserviceaccount
      namespace: default
    - aws:
--- a/tests/integration/update_cluster/digit/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/digit/in-v1alpha2.yaml
@ -24,7 +24,7 @@ spec:
        namespace: default
        aws:
          policyARNs:
-          - arn:aws:iam::123456789012:policy/UsersManageOwnCredentials
+          - arn:aws-test:iam::123456789012:policy/UsersManageOwnCredentials
      - name: myotherserviceaccount
        namespace: myapp
        aws:
--- a/tests/integration/update_cluster/digit/kubernetes.tf
+++ b/tests/integration/update_cluster/digit/kubernetes.tf
@ -349,8 +349,8 @@ resource "aws_iam_role_policy" "nodes-123-example-com" {
  role   = aws_iam_role.nodes-123-example-com.name
 }

-resource "aws_iam_role_policy_attachment" "external-myserviceaccount-default-sa-123-example-com-3186075376" {
-  policy_arn = "arn:aws:iam::123456789012:policy/UsersManageOwnCredentials"
+resource "aws_iam_role_policy_attachment" "external-myserviceaccount-default-sa-123-example-com-3197825879" {
+  policy_arn = "arn:aws-test:iam::123456789012:policy/UsersManageOwnCredentials"
  role       = aws_iam_role.myserviceaccount-default-sa-123-example-com.name
 }

--- a/tests/integration/update_cluster/existing_iam/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/existing_iam/in-v1alpha2.yaml
@ -69,7 +69,7 @@ metadata:
  name: master-us-test-1a
 spec:
  iam:
-    profile: arn:aws:iam::4222917490108:instance-profile/kops-custom-master-role
+    profile: arn:aws-test:iam::4222917490108:instance-profile/kops-custom-master-role
  image: kope.io/k8s-1.14-debian-stretch-amd64-hvm-ebs-2019-08-16
  machineType: m3.medium
  maxSize: 1
@ -89,7 +89,7 @@ metadata:
  name: master-us-test-1b
 spec:
  iam:
-    profile: arn:aws:iam::4222917490108:instance-profile/kops-custom-master-role
+    profile: arn:aws-test:iam::4222917490108:instance-profile/kops-custom-master-role
  image: kope.io/k8s-1.14-debian-stretch-amd64-hvm-ebs-2019-08-16
  machineType: m3.medium
  maxSize: 1
@ -109,7 +109,7 @@ metadata:
  name: master-us-test-1c
 spec:
  iam:
-    profile: arn:aws:iam::4222917490108:instance-profile/kops-custom-master-role
+    profile: arn:aws-test:iam::4222917490108:instance-profile/kops-custom-master-role
  image: kope.io/k8s-1.14-debian-stretch-amd64-hvm-ebs-2019-08-16
  machineType: m3.medium
  maxSize: 1
@ -129,7 +129,7 @@ metadata:
  name: nodes
 spec:
  iam:
-    profile: arn:aws:iam::422917490108:instance-profile/kops-custom-node-role
+    profile: arn:aws-test:iam::422917490108:instance-profile/kops-custom-node-role
  image: kope.io/k8s-1.14-debian-stretch-amd64-hvm-ebs-2019-08-16
  machineType: t2.medium
  maxSize: 2
--- a/tests/integration/update_cluster/existing_iam_cloudformation/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/existing_iam_cloudformation/in-v1alpha2.yaml
@ -51,7 +51,7 @@ metadata:
 spec:
  associatePublicIp: true
  iam:
-    profile: arn:aws:iam::422917490108:instance-profile/kops-custom-node-role
+    profile: arn:aws-test:iam::422917490108:instance-profile/kops-custom-node-role
  image: kope.io/k8s-1.4-debian-jessie-amd64-hvm-ebs-2016-10-21
  machineType: t2.medium
  maxSize: 2
@ -72,7 +72,7 @@ metadata:
 spec:
  associatePublicIp: true
  iam:
-    profile: arn:aws:iam::422917490108:instance-profile/kops-custom-master-role
+    profile: arn:aws-test:iam::422917490108:instance-profile/kops-custom-master-role
  image: kope.io/k8s-1.4-debian-jessie-amd64-hvm-ebs-2016-10-21
  machineType: m3.medium
  maxSize: 1
--- a/tests/integration/update_cluster/externallb/cloudformation.json
+++ b/tests/integration/update_cluster/externallb/cloudformation.json
@ -95,9 +95,9 @@
          "my-external-elb-3"
        ],
        "TargetGroupARNs": [
-          "arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-1/1",
-          "arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-2/2",
-          "arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-3/3"
+          "arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-1/1",
+          "arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-2/2",
+          "arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-3/3"
        ]
      }
    },
@ -179,7 +179,7 @@
          "my-external-elb-1"
        ],
        "TargetGroupARNs": [
-          "arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-1/1"
+          "arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-1/1"
        ]
      }
    },
--- a/tests/integration/update_cluster/externallb/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/externallb/in-v1alpha2.yaml
@ -58,7 +58,7 @@ spec:
  subnets:
  - us-test-1a
  externalLoadBalancers:
-  - targetGroupArn: arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-1/1
+  - targetGroupArn: arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-1/1
  - loadBalancerName: my-external-elb-1

 ---
@ -80,9 +80,9 @@ spec:
  subnets:
  - us-test-1a
  externalLoadBalancers:
-  - targetGroupArn: arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-2/2
-  - targetGroupArn: arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-1/1
-  - targetGroupArn: arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-3/3
+  - targetGroupArn: arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-2/2
+  - targetGroupArn: arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-1/1
+  - targetGroupArn: arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-3/3
  - loadBalancerName: my-external-elb-2
  - loadBalancerName: my-external-elb-1
  - loadBalancerName: my-external-elb-3
--- a/tests/integration/update_cluster/externallb/kubernetes.tf
+++ b/tests/integration/update_cluster/externallb/kubernetes.tf
@ -147,7 +147,7 @@ resource "aws_autoscaling_group" "master-us-test-1a-masters-externallb-example-c
    propagate_at_launch = true
    value               = "owned"
  }
-  target_group_arns   = ["arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-1/1", "arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-2/2", "arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-3/3"]
+  target_group_arns   = ["arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-1/1", "arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-2/2", "arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-3/3"]
  vpc_zone_identifier = [aws_subnet.us-test-1a-externallb-example-com.id]
 }

@ -198,7 +198,7 @@ resource "aws_autoscaling_group" "nodes-externallb-example-com" {
    propagate_at_launch = true
    value               = "owned"
  }
-  target_group_arns   = ["arn:aws:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-1/1"]
+  target_group_arns   = ["arn:aws-test:elasticloadbalancing:us-test-1:000000000000:targetgroup/my-external-tg-1/1"]
  vpc_zone_identifier = [aws_subnet.us-test-1a-externallb-example-com.id]
 }

--- a/tests/integration/update_cluster/externalpolicies/data/aws_s3_bucket_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/externalpolicies/data/aws_s3_bucket_object_cluster-completed.spec_content
@ -51,11 +51,11 @@ spec:
    provider: dns-controller
  externalPolicies:
    bastion:
-    - arn:aws:iam::123456789000:policy/test-policy
+    - arn:aws-test:iam::123456789000:policy/test-policy
    master:
-    - arn:aws:iam::123456789000:policy/test-policy
+    - arn:aws-test:iam::123456789000:policy/test-policy
    node:
-    - arn:aws:iam::123456789000:policy/test-policy
+    - arn:aws-test:iam::123456789000:policy/test-policy
  iam:
    legacy: false
  keyStore: memfs://clusters.example.com/externalpolicies.example.com/pki
--- a/tests/integration/update_cluster/externalpolicies/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/externalpolicies/in-v1alpha2.yaml
@ -50,11 +50,11 @@ spec:
    nodes: public
  externalPolicies:
    node:
-      - arn:aws:iam::123456789000:policy/test-policy
+      - arn:aws-test:iam::123456789000:policy/test-policy
    master:
-      - arn:aws:iam::123456789000:policy/test-policy
+      - arn:aws-test:iam::123456789000:policy/test-policy
    bastion:
-      - arn:aws:iam::123456789000:policy/test-policy
+      - arn:aws-test:iam::123456789000:policy/test-policy
  subnets:
  - cidr: 172.20.32.0/19
    name: us-test-1a
--- a/tests/integration/update_cluster/externalpolicies/kubernetes.tf
+++ b/tests/integration/update_cluster/externalpolicies/kubernetes.tf
@ -344,13 +344,13 @@ resource "aws_iam_role_policy" "nodes-externalpolicies-example-com" {
  role   = aws_iam_role.nodes-externalpolicies-example-com.name
 }

-resource "aws_iam_role_policy_attachment" "master-policyoverride-1242070525" {
-  policy_arn = "arn:aws:iam::123456789000:policy/test-policy"
+resource "aws_iam_role_policy_attachment" "master-policyoverride-1544513530" {
+  policy_arn = "arn:aws-test:iam::123456789000:policy/test-policy"
  role       = aws_iam_role.masters-externalpolicies-example-com.name
 }

-resource "aws_iam_role_policy_attachment" "node-policyoverride-1242070525" {
-  policy_arn = "arn:aws:iam::123456789000:policy/test-policy"
+resource "aws_iam_role_policy_attachment" "node-policyoverride-1544513530" {
+  policy_arn = "arn:aws-test:iam::123456789000:policy/test-policy"
  role       = aws_iam_role.nodes-externalpolicies-example-com.name
 }

--- a/tests/integration/update_cluster/irsa/data/aws_s3_bucket_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/irsa/data/aws_s3_bucket_object_cluster-completed.spec_content
@ -46,12 +46,12 @@ spec:
    serviceAccountExternalPermissions:
    - aws:
        policyARNs:
-        - arn:aws:iam::123456789012:policy/UsersManageOwnCredentials
+        - arn:aws-test:iam::123456789012:policy/UsersManageOwnCredentials
      name: myserviceaccount
      namespace: default
    - aws:
        policyARNs:
-        - arn:aws:iam::123456789012:policy/UsersManageOwnCredentials
+        - arn:aws-test:iam::123456789012:policy/UsersManageOwnCredentials
      name: myserviceaccount
      namespace: test-*
    - aws:
--- a/tests/integration/update_cluster/irsa/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/irsa/in-v1alpha2.yaml
@ -24,12 +24,12 @@ spec:
        namespace: default
        aws:
          policyARNs:
-          - arn:aws:iam::123456789012:policy/UsersManageOwnCredentials
+          - arn:aws-test:iam::123456789012:policy/UsersManageOwnCredentials
      - name: myserviceaccount
        namespace: test-*
        aws:
          policyARNs:
-          - arn:aws:iam::123456789012:policy/UsersManageOwnCredentials
+          - arn:aws-test:iam::123456789012:policy/UsersManageOwnCredentials
      - name: myotherserviceaccount
        namespace: myapp
        aws:
--- a/tests/integration/update_cluster/irsa/kubernetes.tf
+++ b/tests/integration/update_cluster/irsa/kubernetes.tf
@ -369,13 +369,13 @@ resource "aws_iam_role_policy" "nodes-minimal-example-com" {
  role   = aws_iam_role.nodes-minimal-example-com.name
 }

-resource "aws_iam_role_policy_attachment" "external-myserviceaccount-default-sa-minimal-example-com-3186075376" {
-  policy_arn = "arn:aws:iam::123456789012:policy/UsersManageOwnCredentials"
+resource "aws_iam_role_policy_attachment" "external-myserviceaccount-default-sa-minimal-example-com-3197825879" {
+  policy_arn = "arn:aws-test:iam::123456789012:policy/UsersManageOwnCredentials"
  role       = aws_iam_role.myserviceaccount-default-sa-minimal-example-com.name
 }

-resource "aws_iam_role_policy_attachment" "external-myserviceaccount-test-wildcard-sa-minimal-example-com-3186075376" {
-  policy_arn = "arn:aws:iam::123456789012:policy/UsersManageOwnCredentials"
+resource "aws_iam_role_policy_attachment" "external-myserviceaccount-test-wildcard-sa-minimal-example-com-3197825879" {
+  policy_arn = "arn:aws-test:iam::123456789012:policy/UsersManageOwnCredentials"
  role       = aws_iam_role.myserviceaccount-test-wildcard-sa-minimal-example-com.name
 }