From fad9c79862e7a8c2ef360f43462e70af9d2c161c Mon Sep 17 00:00:00 2001
From: Hanwen <hanwenli@amazon.com>
Date: Thu, 25 Jul 2024 10:22:46 -0700
Subject: [PATCH] [integ-tests] Fix AD integration test in iso regions

iso regions don't support tagging certificates. Therefore, the condition in IAM policy is too restrictive in iso reginos

Signed-off-by: Hanwen <hanwenli@amazon.com>
---
 cloudformation/ad/ad-integration.yaml | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/cloudformation/ad/ad-integration.yaml b/cloudformation/ad/ad-integration.yaml
index 53aa6ff6ed..7e9e95653e 100644
--- a/cloudformation/ad/ad-integration.yaml
+++ b/cloudformation/ad/ad-integration.yaml
@@ -708,9 +708,6 @@ Resources:
                   - iam:UploadServerCertificate
                   - iam:TagServerCertificate
                 Resource: !Sub arn:${AWS::Partition}:iam::${AWS::AccountId}:server-certificate/*
-                Condition:
-                  StringEquals:
-                    aws:RequestTag/StackId: !Sub ${AWS::StackId}
               - Effect: Allow
                 Action:
                   - secretsmanager:GetSecretValue