feat(iam): allow creating service principal using custom name (#31793)

### Issue # (if applicable)

Closes #31767

### Reason for this change
To add a function that allow customers to create ServicePrinciple construct using custom name as an escape hatch if some service is using principle name that does not follow the IAM recommended pattern which is `<service>.amazonaws.com`

### Checklist
- [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

packages/@aws-cdk-testing/framework-integ/test/aws-iam/test/integ.emr-service-principal-cn-partition.js.snapshot/EmrServicePrincipalAssertionStack.template.json

@@ -0,0 +1,146 @@
+{
+ "Resources": {
+  "AwsApiCallEmrListInstances7148b2708368b732757abfe94a83ccbf": {
+   "Type": "Custom::DeployAssert@SdkCallEmrListInstances",
+   "Properties": {
+    "ServiceToken": {
+     "Fn::GetAtt": [
+      "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F",
+      "Arn"
+     ]
+    },
+    "service": "Emr",
+    "api": "ListInstances",
+    "expected": "{\"$StringLike\":\".+\"}",
+    "actualPath": "Instances.0.Ec2InstanceId",
+    "parameters": {
+     "ClusterId": {
+      "Fn::Join": [
+       "",
+       [
+        "\"",
+        {
+         "Fn::ImportValue": "EmrServicePrincipalTestingStack:ExportsOutputRefEMRCluster36C637E3"
+        },
+        "\""
+       ]
+      ]
+     },
+     "InstanceGroupTypes": "[\"MASTER\",\"CORE\"]"
+    },
+    "flattenResponse": "true",
+    "outputPaths": [
+     "Instances.0.Ec2InstanceId"
+    ],
+    "salt": "1729161612752"
+   },
+   "UpdateReplacePolicy": "Delete",
+   "DeletionPolicy": "Delete"
+  },
+  "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73": {
+   "Type": "AWS::IAM::Role",
+   "Properties": {
+    "AssumeRolePolicyDocument": {
+     "Version": "2012-10-17",
+     "Statement": [
+      {
+       "Action": "sts:AssumeRole",
+       "Effect": "Allow",
+       "Principal": {
+        "Service": "lambda.amazonaws.com"
+       }
+      }
+     ]
+    },
+    "ManagedPolicyArns": [
+     {
+      "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+     }
+    ],
+    "Policies": [
+     {
+      "PolicyName": "Inline",
+      "PolicyDocument": {
+       "Version": "2012-10-17",
+       "Statement": [
+        {
+         "Action": [
+          "elasticmapreduce:ListInstances"
+         ],
+         "Effect": "Allow",
+         "Resource": [
+          "*"
+         ]
+        }
+       ]
+      }
+     }
+    ]
+   }
+  },
+  "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F": {
+   "Type": "AWS::Lambda::Function",
+   "Properties": {
+    "Runtime": "nodejs18.x",
+    "Code": {
+     "S3Bucket": {
+      "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-cn-north-1"
+     },
+     "S3Key": "30e7020514effbaf2e0bf3983c7c37c6733aec254148a8f866da92fbbd7a4fb6.zip"
+    },
+    "Timeout": 120,
+    "Handler": "index.handler",
+    "Role": {
+     "Fn::GetAtt": [
+      "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73",
+      "Arn"
+     ]
+    }
+   }
+  }
+ },
+ "Outputs": {
+  "AssertionResultsAwsApiCallEmrListInstances7148b2708368b732757abfe94a83ccbf": {
+   "Value": {
+    "Fn::GetAtt": [
+     "AwsApiCallEmrListInstances7148b2708368b732757abfe94a83ccbf",
+     "assertion"
+    ]
+   }
+  }
+ },
+ "Parameters": {
+  "BootstrapVersion": {
+   "Type": "AWS::SSM::Parameter::Value<String>",
+   "Default": "/cdk-bootstrap/hnb659fds/version",
+   "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
+  }
+ },
+ "Rules": {
+  "CheckBootstrapVersion": {
+   "Assertions": [
+    {
+     "Assert": {
+      "Fn::Not": [
+       {
+        "Fn::Contains": [
+         [
+          "1",
+          "2",
+          "3",
+          "4",
+          "5"
+         ],
+         {
+          "Ref": "BootstrapVersion"
+         }
+        ]
+       }
+      ]
+     },
+     "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
+    }
+   ]
+  }
+ }
+}

packages/@aws-cdk-testing/framework-integ/test/aws-iam/test/integ.emr-service-principal-cn-partition.js.snapshot/EmrServicePrincipalTestingStack.template.json

@@ -0,0 +1,162 @@
+{
+ "Resources": {
+  "EMRServiceRole2CF24E74": {
+   "Type": "AWS::IAM::Role",
+   "Properties": {
+    "AssumeRolePolicyDocument": {
+     "Statement": [
+      {
+       "Action": "sts:AssumeRole",
+       "Effect": "Allow",
+       "Principal": {
+        "Service": "elasticmapreduce.amazonaws.com.cn"
+       }
+      }
+     ],
+     "Version": "2012-10-17"
+    },
+    "ManagedPolicyArns": [
+     {
+      "Fn::Join": [
+       "",
+       [
+        "arn:",
+        {
+         "Ref": "AWS::Partition"
+        },
+        ":iam::aws:policy/service-role/AmazonElasticMapReduceRole"
+       ]
+      ]
+     }
+    ]
+   }
+  },
+  "EMRJobFlowRole209C81EE": {
+   "Type": "AWS::IAM::Role",
+   "Properties": {
+    "AssumeRolePolicyDocument": {
+     "Statement": [
+      {
+       "Action": "sts:AssumeRole",
+       "Effect": "Allow",
+       "Principal": {
+        "Service": "ec2.amazonaws.com"
+       }
+      }
+     ],
+     "Version": "2012-10-17"
+    },
+    "ManagedPolicyArns": [
+     {
+      "Fn::Join": [
+       "",
+       [
+        "arn:",
+        {
+         "Ref": "AWS::Partition"
+        },
+        ":iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role"
+       ]
+      ]
+     }
+    ]
+   }
+  },
+  "EMRJobFlowProfile": {
+   "Type": "AWS::IAM::InstanceProfile",
+   "Properties": {
+    "InstanceProfileName": "EMRJobFlowProfile_",
+    "Roles": [
+     {
+      "Ref": "EMRJobFlowRole209C81EE"
+     }
+    ]
+   }
+  },
+  "SSHKey": {
+   "Type": "AWS::EC2::KeyPair",
+   "Properties": {
+    "KeyName": "TestingSSHKey"
+   }
+  },
+  "EMRCluster": {
+   "Type": "AWS::EMR::Cluster",
+   "Properties": {
+    "Applications": [
+     {
+      "Name": "Spark"
+     }
+    ],
+    "Instances": {
+     "CoreInstanceGroup": {
+      "InstanceCount": 1,
+      "InstanceType": "m5.xlarge"
+     },
+     "Ec2KeyName": {
+      "Ref": "SSHKey"
+     },
+     "Ec2SubnetId": "subnet-0dff1a399d8f6f92c",
+     "HadoopVersion": "Amazon",
+     "KeepJobFlowAliveWhenNoSteps": false,
+     "MasterInstanceGroup": {
+      "InstanceCount": 1,
+      "InstanceType": "m5.xlarge"
+     },
+     "TerminationProtected": false
+    },
+    "JobFlowRole": {
+     "Ref": "EMRJobFlowProfile"
+    },
+    "Name": "My first cluster",
+    "ReleaseLabel": "emr-6.4.0",
+    "ServiceRole": {
+     "Ref": "EMRServiceRole2CF24E74"
+    }
+   }
+  }
+ },
+ "Outputs": {
+  "ExportsOutputRefEMRCluster36C637E3": {
+   "Value": {
+    "Ref": "EMRCluster"
+   },
+   "Export": {
+    "Name": "EmrServicePrincipalTestingStack:ExportsOutputRefEMRCluster36C637E3"
+   }
+  }
+ },
+ "Parameters": {
+  "BootstrapVersion": {
+   "Type": "AWS::SSM::Parameter::Value<String>",
+   "Default": "/cdk-bootstrap/hnb659fds/version",
+   "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
+  }
+ },
+ "Rules": {
+  "CheckBootstrapVersion": {
+   "Assertions": [
+    {
+     "Assert": {
+      "Fn::Not": [
+       {
+        "Fn::Contains": [
+         [
+          "1",
+          "2",
+          "3",
+          "4",
+          "5"
+         ],
+         {
+          "Ref": "BootstrapVersion"
+         }
+        ]
+       }
+      ]
+     },
+     "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
+    }
+   ]
+  }
+ }
+}