From 65dcd063a852038fb64a73aa86f5634f044535f1 Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Sat, 22 Apr 2023 18:53:21 -0400
Subject: [PATCH] update lambda role

---
 route53-zone-association/lambda-role/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/route53-zone-association/lambda-role/main.tf b/route53-zone-association/lambda-role/main.tf
index 5cf777a..6cce023 100644
--- a/route53-zone-association/lambda-role/main.tf
+++ b/route53-zone-association/lambda-role/main.tf
@@ -31,7 +31,7 @@ data "aws_iam_policy_document" "assume_role" {
     actions = ["sts:AssumeRole"]
     principals {
       type        = "AWS"
-      identifiers = ["*"]
+      identifiers = [format("arn:%v:iam::*:role/r-inf-dynamic-route53-*", data.aws_arn.current.partition)]
     }
     condition {
       test     = "StringEquals"