Cannot Override STS Environment Variable #2802
Comments
matty234
added
bug
|
Hi @matty234, In your env variable setup you are both setting custom endpoints and also using
When I run this code, with your env variables (excluding package main
import (
"context"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/sts"
"log"
)
func main() {
cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithRegion("us-blah-2"), config.WithClientLogMode(aws.LogRequestWithBody))
if err != nil {
log.Fatalf("unable to load SDK config, %v", err)
}
svc := sts.NewFromConfig(cfg)
_, err = svc.GetCallerIdentity(context.TODO(), &sts.GetCallerIdentityInput{})
if err != nil {
fmt.Println("Got an error getting the caller identity:")
fmt.Println(err)
return
}
}And: $ AWS_ENDPOINT_URL_STS="sdfsdf.com" AWS_STS_REGIONAL_ENDPOINTS="global" AWS_ENDPOINT_URL="sdfsdf.com" go run main.go
Got an error getting the caller identity:
operation error STS: GetCallerIdentity, unsupported protocol scheme ""The error at the end tells you that If you supply your endpoint in the correct format it will work, and the SDK request logger would print the correct host the request is being routed to: $ AWS_ENDPOINT_URL_STS="https://sdfsdf.com" AWS_STS_REGIONAL_ENDPOINTS="global" AWS_ENDPOINT_URL="https://sdfsdf.com" go run main.go
SDK 2024/09/24 18:59:07 DEBUG Request
POST / HTTP/1.1
Host: sdfsdf.com
User-Agent: m/E aws-sdk-go-v2/1.30.4 os/macos lang/go#1.19.1 md/GOOS#darwin md/GOARCH#arm64 api/sts#1.30.5
Content-Length: 43
Amz-Sdk-Invocation-Id: REDACTED
Amz-Sdk-Request: attempt=1; max=3
Authorization: AWS4-HMAC-SHA256 Credential=REDACTED/20240925/us-blah-2/sts/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-date, Signature=REDACTED
Content-Type: application/x-www-form-urlencoded
X-Amz-Date: 20240925T015907Z
Accept-Encoding: gzipI hope I understood the issue you were having. If I were off track please feel free to provide more info. Thanks, |
RanVaknin
added
response-requested
|
This issue has not received a response in 1 week. If you want to keep this issue open, please just leave a comment below and auto-close will be canceled. |
github-actions
bot
added
closing-soon
Acknowledgements
go get -u github.com/aws/aws-sdk-go-v2/...)Describe the bug
It's not possible to provide an override for the STS endpoint. If you supply the
AWS_ENDPOINT_URL_STSandAWS_STS_REGIONAL_ENDPOINTS="global"environment variables it will still try to use sts..amazonaws.com. This is possible to override by changing the AWS config.Regression Issue
Expected Behavior
When an AWS_ENDPOINT_URL_STS environment variable is supplied with AWS_STS_REGIONAL_ENDPOINTS set to global, the provided endpoint should be used.
Current Behavior
The AWS STS endpoint is always used.
Reproduction Steps
I created a Gist here https://gist.github.com/matty234/3ed5fe6d13a0555a1ee8050021bd7f60. When run the the sts endpoint is still used:
➜ stsstufff env AWS_ENDPOINT_URL_STS="https://sdfsdf.com" AWS_STS_REGIONAL_ENDPOINTS="global" AWS_IGNORE_CONFIGURED_ENDPOINT_URLS=true AWS_ENDPOINT_URL="https://sdfsdf.com" go run .
Got an error getting the caller identity:
operation error STS: GetCallerIdentity, https response error StatusCode: 0, RequestID: , request send failed, Post "https://sts.us-blah-2.amazonaws.com/": dial tcp: lookup sts.us-blah-2.amazonaws.com: no such host
Possible Solution
No response
Additional Information/Context
I'm happy to build a solution but I wanted to check I wasn't missing something!
AWS Go SDK V2 Module Versions Used
Compiler and Version used
go version go1.22.2 darwin/arm64
Operating System and version
MacOS
The text was updated successfully, but these errors were encountered: