diff --git a/aws/data_aws_unity_catalog_policy.go b/aws/data_aws_unity_catalog_policy.go index 8a7422b06..bb36650ab 100644 --- a/aws/data_aws_unity_catalog_policy.go +++ b/aws/data_aws_unity_catalog_policy.go @@ -98,7 +98,10 @@ func generateReadContext(ctx context.Context, d *schema.ResourceData, m *common. "sqs:ListQueueTags", "sns:ListTopics", }, - Resources: "*", + Resources: []string{ + fmt.Sprintf("arn:%s:sqs:*:*:csms-*", awsPartition), + fmt.Sprintf("arn:%s:sns:*:*:csms-*", awsPartition), + }, }, &awsIamPolicyStatement{ Sid: "ManagedFileEventsTeardownStatement", diff --git a/aws/data_aws_unity_catalog_policy_test.go b/aws/data_aws_unity_catalog_policy_test.go index 39511067b..074327643 100644 --- a/aws/data_aws_unity_catalog_policy_test.go +++ b/aws/data_aws_unity_catalog_policy_test.go @@ -98,7 +98,10 @@ func TestDataAwsUnityCatalogPolicy(t *testing.T) { "sqs:ListQueueTags", "sns:ListTopics" ], - "Resource": "*" + "Resource": [ + "arn:aws:sqs:*:*:csms-*", + "arn:aws:sns:*:*:csms-*" + ] }, { "Sid": "ManagedFileEventsTeardownStatement", @@ -208,7 +211,10 @@ func TestDataAwsUnityCatalogPolicyFullKms(t *testing.T) { "sqs:ListQueueTags", "sns:ListTopics" ], - "Resource": "*" + "Resource": [ + "arn:aws:sqs:*:*:csms-*", + "arn:aws:sns:*:*:csms-*" + ] }, { "Sid": "ManagedFileEventsTeardownStatement", @@ -306,7 +312,10 @@ func TestDataAwsUnityCatalogPolicyWithoutKMS(t *testing.T) { "sqs:ListQueueTags", "sns:ListTopics" ], - "Resource": "*" + "Resource": [ + "arn:aws:sqs:*:*:csms-*", + "arn:aws:sns:*:*:csms-*" + ] }, { "Sid": "ManagedFileEventsTeardownStatement", @@ -417,7 +426,10 @@ func TestDataAwsUnityCatalogPolicyPartionGov(t *testing.T) { "sqs:ListQueueTags", "sns:ListTopics" ], - "Resource": "*" + "Resource": [ + "arn:aws-us-gov:sqs:*:*:csms-*", + "arn:aws-us-gov:sns:*:*:csms-*" + ] }, { "Sid": "ManagedFileEventsTeardownStatement",