From 952f9913a83959264bf120983b2f010733e0b903 Mon Sep 17 00:00:00 2001
From: Amanuel Engeda <74629455+engedaam@users.noreply.github.com>
Date: Tue, 1 Aug 2023 11:59:43 -0700
Subject: [PATCH] ci: Update Resource IMDSv1 Permissions  (#4360)

---
 test/cloudformation/iam_cloudformation.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/cloudformation/iam_cloudformation.yaml b/test/cloudformation/iam_cloudformation.yaml
index cf71de1daa60..612fd66e0f1b 100644
--- a/test/cloudformation/iam_cloudformation.yaml
+++ b/test/cloudformation/iam_cloudformation.yaml
@@ -466,14 +466,14 @@ Resources:
           - Effect: Deny
             Action:
               - ec2:RunInstances
-            Resource: "*"
+            Resource: !Sub "arn:${AWS::Partition}:ec2:*:${AWS::AccountId}:instance/*"
             Condition:
               StringNotEquals:
                 ec2:MetadataHttpTokens: required
           - Effect: Deny
             Action:
               - ec2:ModifyInstanceMetadataOptions
-            Resource: "*"
+            Resource: !Sub "arn:${AWS::Partition}:ec2:*:${AWS::AccountId}:instance/*"
             Condition:
               StringEquals:
                 ec2:Attribute: HttpTokens