Update data-lakes-manual-setup.md (#4756)

Ryan Aston · markzegarelli · web-flow · commit 1f4e809012a0 · 2023-05-18T13:14:58.000-07:00
Consolidated IAM role setup for US and EU

Co-authored-by: markzegarelli &lt;mark.zegarelli@segment.com&gt;
diff --git a/src/connections/storage/data-lakes/data-lakes-manual-setup.md b/src/connections/storage/data-lakes/data-lakes-manual-setup.md
@@ -91,7 +91,7 @@ The following steps provide examples of the IAM Role and IAM Policy.
 
 Create a `segment-data-lake-role` for Segment to assume. The trust relationship document you attach to the role will be different depending on your workspace region. 
 
-#### IAM role for Data Lakes created in US workspaces:
+#### IAM role for Data Lakes:
 
 Attach the following trust relationship document to the role to create a `segment-data-lake-role` role for Segment:
 
@@ -104,9 +104,7 @@ Attach the following trust relationship document to the role to create a `segmen
       "Effect": "Allow",
       "Principal": {
         "AWS": [
-          "arn:aws:iam::294048959147:role/customer-datalakes-prod-admin",
-          "arn:aws:iam::294048959147:role/datalakes-aws-worker",
-          "arn:aws:iam::294048959147:role/datalakes-customer-service"
+          "arn:aws:iam::595280932656:role/segment-datalakes-production-access"
         ]
       },
       "Action": "sts:AssumeRole",
@@ -125,41 +123,6 @@ Attach the following trust relationship document to the role to create a `segmen
 > note ""
 > Replace the `ExternalID` list with the Segment `WorkspaceID` that contains the sources to sync to the Data Lake.
 
-#### IAM role for Data Lakes created in EU workspaces:
-
-> info ""
-> EU workspaces are currently in beta. If you would like to learn more about the beta, please contact your account manager. 
-
-Attach the following trust relationship document to the role to create a `segment-data-lake-role` role for Segment.
-
-```json
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Sid": "",
-      "Effect": "Allow",
-      "Principal": {
-        "AWS": [
-          "arn:aws:iam::595280932656:role/segment-datalakes-production-access",
-        ]
-      },
-      "Action": "sts:AssumeRole",
-      "Condition": {
-        "StringEquals": {
-          "sts:ExternalId": [
-            "WORKSPACE_ID"
-          ]
-        }
-      }
-    }
-  ]
-}
-```
-
-> note ""
-> **NOTE:** Replace the `ExternalID` list with the Segment `WorkspaceID` that contains the sources to sync to the Data Lake.
-
 ### IAM policy
 
 Add a policy to the role created above to give Segment access to the relevant Glue databases and tables, EMR cluster, and S3.
