From b0ee9225ed2e593da3ea243f5f58ca737cd55c3f Mon Sep 17 00:00:00 2001
From: cmdallas <self@chrisdallas.tech>
Date: Mon, 9 Nov 2020 02:20:51 -0800
Subject: [PATCH] (eksconfig): update valid ec2 service principals (#184)

---
 eksconfig/add-on-node-groups.go | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/eksconfig/add-on-node-groups.go b/eksconfig/add-on-node-groups.go
index 35e7fcd93..f0ea35b29 100644
--- a/eksconfig/add-on-node-groups.go
+++ b/eksconfig/add-on-node-groups.go
@@ -208,14 +208,17 @@ func (cfg *Config) validateAddOnNodeGroups() error {
 				})
 			*/
 			found := false
+			validSps := []string{"ec2.amazonaws.com", "ec2.amazonaws.com.cn", "ec2.c2s.ic.gov", "ec2.sc2s.sgov.gov"}
 			for _, pv := range cfg.AddOnNodeGroups.RoleServicePrincipals {
-				if pv == "ec2.amazonaws.com" || pv == "ec2.amazonaws.com.cn" {
-					found = true
-					break
+				for _, vsp := range validSps {
+					if pv == vsp {
+						found = true
+						break
+					}
 				}
 			}
 			if !found {
-				return fmt.Errorf("AddOnNodeGroups.RoleServicePrincipals %q must include 'ec2.amazonaws.com' or 'ec2.amazonaws.com.cn'", cfg.AddOnNodeGroups.RoleServicePrincipals)
+				return fmt.Errorf("AddOnNodeGroups.RoleServicePrincipals %q must include one of: %q", cfg.AddOnNodeGroups.RoleServicePrincipals, validSps)
 			}
 		}