Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

no quicksight fips endpoint configuration for aws-us-gov partition #5016

Closed
seanlogan-wh opened this issue Oct 9, 2023 · 3 comments
Closed

no quicksight fips endpoint configuration for aws-us-gov partition #5016

seanlogan-wh opened this issue Oct 9, 2023 · 3 comments
Assignees
@RanVaknin
Labels
bug This issue is a bug. p3 This is a minor priority issue response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days.

Comments

@seanlogan-wh
Copy link

Describe the bug

setting UseFIPSEndpoint does not work for quicksight in the us-gov partition

Expected Behavior

the fips endpoint should be used

Current Behavior

The non fips url is used

Reproduction Steps

Steps in this previous issue

#4796

Possible Solution

Add fips endpoint to the endpoint.json

aws-sdk-go/models/endpoints/endpoints.json

Line 23229 in 592707c

"quicksight" : {

Additional Information/Context

There is now a fips endpoint available for quicksight in the us-gov-west-1 region

https://aws.amazon.com/compliance/fips/

SDK version used

v1.45.19

Environment details (Version of Go (go version)? OS name and version, etc.)

go version go1.20.3 darwin/amd64
@seanlogan-wh seanlogan-wh added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Oct 9, 2023
@RanVaknin
Copy link
Contributor

Hi @seanlogan-wh ,

The SDK does support the new FIPS endpoint for us gov partitions:

package main

import (
	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/endpoints"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/quicksight"
)

func main() {
	sess, err := session.NewSession(&aws.Config{
		Region:          aws.String("us-gov-west-1"),
		UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled,
		LogLevel:        aws.LogLevel(aws.LogDebugWithHTTPBody),
	})
	if err != nil {
		panic(err)
	}

	svc := quicksight.New(sess)
	_, err = svc.ListDashboards(&quicksight.ListDashboardsInput{
		AwsAccountId: aws.String("1231331212123"),
	})
	if err != nil {
		panic(err)
	}
}
---[ REQUEST POST-SIGN ]-----------------------------
GET /accounts/1231331212123/dashboards HTTP/1.1
Host: quicksight-fips.us-gov-west-1.amazonaws.com     <---- correct endpoint
User-Agent: aws-sdk-go/1.45.20 (go1.19.1; darwin; arm64)
Authorization: AWS4-HMAC-SHA256 Credential=REDACTED/20231010/us-gov-west-1/quicksight/aws4_request, SignedHeaders=host;x-amz-date, Signature=REDACTED
X-Amz-Date: 20231010T203700Z
Accept-Encoding: gzip

Thanks,
Ran~

@RanVaknin RanVaknin self-assigned this Oct 10, 2023
@RanVaknin RanVaknin added response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. p3 This is a minor priority issue and removed needs-triage This issue or PR still needs to be triaged. labels Oct 10, 2023
@seanlogan-wh
Copy link
Author

Thanks for the response. looks like i had an overriding config that was unsetting that flag.

@github-actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@RanVaknin RanVaknin

Labels
bug This issue is a bug. p3 This is a minor priority issue response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@RanVaknin @seanlogan-wh