diff --git a/service/controller/key/provider.go b/service/controller/key/provider.go
index ed09ee2e2..60d3e3c6d 100644
--- a/service/controller/key/provider.go
+++ b/service/controller/key/provider.go
@@ -1,5 +1,11 @@
 package key
 
+import "strings"
+
 func IsAWS(provider string) bool {
 	return provider == "aws"
 }
+
+func IsAWSChina(region string) bool {
+	return strings.HasPrefix(region, "cn-")
+}
diff --git a/service/controller/resource/clusterconfigmap/desired.go b/service/controller/resource/clusterconfigmap/desired.go
index abe5e4a2c..39f31953e 100644
--- a/service/controller/resource/clusterconfigmap/desired.go
+++ b/service/controller/resource/clusterconfigmap/desired.go
@@ -151,14 +151,16 @@ func (r *Resource) GetDesiredState(ctx context.Context, obj interface{}) ([]*cor
 		externalDnsValues["aws"] = map[string]interface{}{
 			"batchChangeInterval": nil,
 		}
-		externalDnsValues["serviceAccount"] = map[string]interface{}{
-			"annotations": map[string]interface{}{
-				"eks.amazonaws.com/role-arn": fmt.Sprintf("arn:aws:iam::%s:role/%s-Route53Manager-Role", accountID, key.ClusterID(&cr)),
-			},
-		}
 		externalDnsValues["domainFilters"] = []string{
 			key.TenantEndpoint(&cr, bd),
 		}
+		if !key.IsAWSChina(awsCluster.Spec.Provider.Region) {
+			externalDnsValues["serviceAccount"] = map[string]interface{}{
+				"annotations": map[string]interface{}{
+					"eks.amazonaws.com/role-arn": fmt.Sprintf("arn:aws:iam::%s:role/%s-Route53Manager-Role", accountID, key.ClusterID(&cr)),
+				},
+			}
+		}
 	}
 
 	ciliumValues := map[string]interface{}{