From 282b0b4bf8b812af944ce8fe2a40ae260341582a Mon Sep 17 00:00:00 2001
From: Petr Ruzicka <petr.ruzicka@gmail.com>
Date: Mon, 8 Apr 2024 08:22:49 +0200
Subject: [PATCH] chore: Use "${KarpenterNodeRole.Arn}" in policy definition
 (#5976)

---
 .../getting-started-with-karpenter/cloudformation.yaml        | 4 ++--
 website/content/en/docs/reference/cloudformation.md           | 2 +-
 .../getting-started-with-karpenter/cloudformation.yaml        | 2 +-
 website/content/en/preview/reference/cloudformation.md        | 2 +-
 .../getting-started-with-karpenter/cloudformation.yaml        | 4 ++--
 website/content/en/v0.32/reference/cloudformation.md          | 2 +-
 .../getting-started-with-karpenter/cloudformation.yaml        | 4 ++--
 website/content/en/v0.33/reference/cloudformation.md          | 2 +-
 .../getting-started-with-karpenter/cloudformation.yaml        | 4 ++--
 website/content/en/v0.34/reference/cloudformation.md          | 2 +-
 .../getting-started-with-karpenter/cloudformation.yaml        | 4 ++--
 website/content/en/v0.35/reference/cloudformation.md          | 2 +-
 12 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/website/content/en/docs/getting-started/getting-started-with-karpenter/cloudformation.yaml b/website/content/en/docs/getting-started/getting-started-with-karpenter/cloudformation.yaml
index 207761007d2d..842594aa1102 100644
--- a/website/content/en/docs/getting-started/getting-started-with-karpenter/cloudformation.yaml
+++ b/website/content/en/docs/getting-started/getting-started-with-karpenter/cloudformation.yaml
@@ -202,7 +202,7 @@ Resources:
             {
               "Sid": "AllowPassingInstanceRole",
               "Effect": "Allow",
-              "Resource": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/KarpenterNodeRole-${ClusterName}",
+              "Resource": "${KarpenterNodeRole.Arn}",
               "Action": "iam:PassRole",
               "Condition": {
                 "StringEquals": {
@@ -344,4 +344,4 @@ Resources:
           - EC2 Instance State-change Notification
       Targets:
         - Id: KarpenterInterruptionQueueTarget
-          Arn: !GetAtt KarpenterInterruptionQueue.Arn
\ No newline at end of file
+          Arn: !GetAtt KarpenterInterruptionQueue.Arn
diff --git a/website/content/en/docs/reference/cloudformation.md b/website/content/en/docs/reference/cloudformation.md
index e764749ecbd1..6811706dbea7 100644
--- a/website/content/en/docs/reference/cloudformation.md
+++ b/website/content/en/docs/reference/cloudformation.md
@@ -363,7 +363,7 @@ This gives EC2 permission explicit permission to use the `KarpenterNodeRole-${Cl
 {
   "Sid": "AllowPassingInstanceRole",
   "Effect": "Allow",
-  "Resource": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/KarpenterNodeRole-${ClusterName}",
+  "Resource": "${KarpenterNodeRole.Arn}",
   "Action": "iam:PassRole",
   "Condition": {
     "StringEquals": {
diff --git a/website/content/en/preview/getting-started/getting-started-with-karpenter/cloudformation.yaml b/website/content/en/preview/getting-started/getting-started-with-karpenter/cloudformation.yaml
index 207761007d2d..f80755267455 100644
--- a/website/content/en/preview/getting-started/getting-started-with-karpenter/cloudformation.yaml
+++ b/website/content/en/preview/getting-started/getting-started-with-karpenter/cloudformation.yaml
@@ -202,7 +202,7 @@ Resources:
             {
               "Sid": "AllowPassingInstanceRole",
               "Effect": "Allow",
-              "Resource": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/KarpenterNodeRole-${ClusterName}",
+              "Resource": "${KarpenterNodeRole.Arn}",
               "Action": "iam:PassRole",
               "Condition": {
                 "StringEquals": {
diff --git a/website/content/en/preview/reference/cloudformation.md b/website/content/en/preview/reference/cloudformation.md
index 1a984bbdb671..c2f515e46e0d 100644
--- a/website/content/en/preview/reference/cloudformation.md
+++ b/website/content/en/preview/reference/cloudformation.md
@@ -363,7 +363,7 @@ This gives EC2 permission explicit permission to use the `KarpenterNodeRole-${Cl
 {
   "Sid": "AllowPassingInstanceRole",
   "Effect": "Allow",
-  "Resource": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/KarpenterNodeRole-${ClusterName}",
+  "Resource": "${KarpenterNodeRole.Arn}",
   "Action": "iam:PassRole",
   "Condition": {
     "StringEquals": {
diff --git a/website/content/en/v0.32/getting-started/getting-started-with-karpenter/cloudformation.yaml b/website/content/en/v0.32/getting-started/getting-started-with-karpenter/cloudformation.yaml
index 6284f8738b95..967e703fb9e2 100644
--- a/website/content/en/v0.32/getting-started/getting-started-with-karpenter/cloudformation.yaml
+++ b/website/content/en/v0.32/getting-started/getting-started-with-karpenter/cloudformation.yaml
@@ -185,7 +185,7 @@ Resources:
             {
               "Sid": "AllowPassingInstanceRole",
               "Effect": "Allow",
-              "Resource": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/KarpenterNodeRole-${ClusterName}",
+              "Resource": "${KarpenterNodeRole.Arn}",
               "Action": "iam:PassRole",
               "Condition": {
                 "StringEquals": {
@@ -327,4 +327,4 @@ Resources:
           - EC2 Instance State-change Notification
       Targets:
         - Id: KarpenterInterruptionQueueTarget
-          Arn: !GetAtt KarpenterInterruptionQueue.Arn
\ No newline at end of file
+          Arn: !GetAtt KarpenterInterruptionQueue.Arn
diff --git a/website/content/en/v0.32/reference/cloudformation.md b/website/content/en/v0.32/reference/cloudformation.md
index a14970e6e383..eabe68010866 100644
--- a/website/content/en/v0.32/reference/cloudformation.md
+++ b/website/content/en/v0.32/reference/cloudformation.md
@@ -337,7 +337,7 @@ This gives EC2 permission explicit permission to use the `KarpenterNodeRole-${Cl
 {
   "Sid": "AllowPassingInstanceRole",
   "Effect": "Allow",
-  "Resource": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/KarpenterNodeRole-${ClusterName}",
+  "Resource": "${KarpenterNodeRole.Arn}",
   "Action": "iam:PassRole",
   "Condition": {
     "StringEquals": {
diff --git a/website/content/en/v0.33/getting-started/getting-started-with-karpenter/cloudformation.yaml b/website/content/en/v0.33/getting-started/getting-started-with-karpenter/cloudformation.yaml
index 94c233b7c6c8..b33ef3902001 100644
--- a/website/content/en/v0.33/getting-started/getting-started-with-karpenter/cloudformation.yaml
+++ b/website/content/en/v0.33/getting-started/getting-started-with-karpenter/cloudformation.yaml
@@ -186,7 +186,7 @@ Resources:
             {
               "Sid": "AllowPassingInstanceRole",
               "Effect": "Allow",
-              "Resource": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/KarpenterNodeRole-${ClusterName}",
+              "Resource": "${KarpenterNodeRole.Arn}",
               "Action": "iam:PassRole",
               "Condition": {
                 "StringEquals": {
@@ -328,4 +328,4 @@ Resources:
           - EC2 Instance State-change Notification
       Targets:
         - Id: KarpenterInterruptionQueueTarget
-          Arn: !GetAtt KarpenterInterruptionQueue.Arn
\ No newline at end of file
+          Arn: !GetAtt KarpenterInterruptionQueue.Arn
diff --git a/website/content/en/v0.33/reference/cloudformation.md b/website/content/en/v0.33/reference/cloudformation.md
index 337e7ff8b866..4b31fe1b35d3 100644
--- a/website/content/en/v0.33/reference/cloudformation.md
+++ b/website/content/en/v0.33/reference/cloudformation.md
@@ -338,7 +338,7 @@ This gives EC2 permission explicit permission to use the `KarpenterNodeRole-${Cl
 {
   "Sid": "AllowPassingInstanceRole",
   "Effect": "Allow",
-  "Resource": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/KarpenterNodeRole-${ClusterName}",
+  "Resource": "${KarpenterNodeRole.Arn}",
   "Action": "iam:PassRole",
   "Condition": {
     "StringEquals": {
diff --git a/website/content/en/v0.34/getting-started/getting-started-with-karpenter/cloudformation.yaml b/website/content/en/v0.34/getting-started/getting-started-with-karpenter/cloudformation.yaml
index 207761007d2d..842594aa1102 100644
--- a/website/content/en/v0.34/getting-started/getting-started-with-karpenter/cloudformation.yaml
+++ b/website/content/en/v0.34/getting-started/getting-started-with-karpenter/cloudformation.yaml
@@ -202,7 +202,7 @@ Resources:
             {
               "Sid": "AllowPassingInstanceRole",
               "Effect": "Allow",
-              "Resource": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/KarpenterNodeRole-${ClusterName}",
+              "Resource": "${KarpenterNodeRole.Arn}",
               "Action": "iam:PassRole",
               "Condition": {
                 "StringEquals": {
@@ -344,4 +344,4 @@ Resources:
           - EC2 Instance State-change Notification
       Targets:
         - Id: KarpenterInterruptionQueueTarget
-          Arn: !GetAtt KarpenterInterruptionQueue.Arn
\ No newline at end of file
+          Arn: !GetAtt KarpenterInterruptionQueue.Arn
diff --git a/website/content/en/v0.34/reference/cloudformation.md b/website/content/en/v0.34/reference/cloudformation.md
index 012e25a9d323..a682546e02e2 100644
--- a/website/content/en/v0.34/reference/cloudformation.md
+++ b/website/content/en/v0.34/reference/cloudformation.md
@@ -363,7 +363,7 @@ This gives EC2 permission explicit permission to use the `KarpenterNodeRole-${Cl
 {
   "Sid": "AllowPassingInstanceRole",
   "Effect": "Allow",
-  "Resource": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/KarpenterNodeRole-${ClusterName}",
+  "Resource": "${KarpenterNodeRole.Arn}",
   "Action": "iam:PassRole",
   "Condition": {
     "StringEquals": {
diff --git a/website/content/en/v0.35/getting-started/getting-started-with-karpenter/cloudformation.yaml b/website/content/en/v0.35/getting-started/getting-started-with-karpenter/cloudformation.yaml
index 207761007d2d..842594aa1102 100644
--- a/website/content/en/v0.35/getting-started/getting-started-with-karpenter/cloudformation.yaml
+++ b/website/content/en/v0.35/getting-started/getting-started-with-karpenter/cloudformation.yaml
@@ -202,7 +202,7 @@ Resources:
             {
               "Sid": "AllowPassingInstanceRole",
               "Effect": "Allow",
-              "Resource": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/KarpenterNodeRole-${ClusterName}",
+              "Resource": "${KarpenterNodeRole.Arn}",
               "Action": "iam:PassRole",
               "Condition": {
                 "StringEquals": {
@@ -344,4 +344,4 @@ Resources:
           - EC2 Instance State-change Notification
       Targets:
         - Id: KarpenterInterruptionQueueTarget
-          Arn: !GetAtt KarpenterInterruptionQueue.Arn
\ No newline at end of file
+          Arn: !GetAtt KarpenterInterruptionQueue.Arn
diff --git a/website/content/en/v0.35/reference/cloudformation.md b/website/content/en/v0.35/reference/cloudformation.md
index e764749ecbd1..6811706dbea7 100644
--- a/website/content/en/v0.35/reference/cloudformation.md
+++ b/website/content/en/v0.35/reference/cloudformation.md
@@ -363,7 +363,7 @@ This gives EC2 permission explicit permission to use the `KarpenterNodeRole-${Cl
 {
   "Sid": "AllowPassingInstanceRole",
   "Effect": "Allow",
-  "Resource": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/KarpenterNodeRole-${ClusterName}",
+  "Resource": "${KarpenterNodeRole.Arn}",
   "Action": "iam:PassRole",
   "Condition": {
     "StringEquals": {