generated from hashicorp/packer-plugin-scaffolding
-
Notifications
You must be signed in to change notification settings - Fork 117
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
common: use regional STS on non-default regions
STS is the service used by AWS for emitting authentication tokens for API clients. This comes in two variants: v1 (global) and v2 (regional). As of today (2024-04-24), the default for the Go SDK is "legacy", i.e. if the connection is used to communicate with a non-default region it will use a regional endpoint, otherwise it'll use the global endpoint. Builds are generally not affected by operations like these as the SDK will pick the right type of endpoint for that, but problems may arise later, when copying AMIs for example, as they will need tokens compatible with both the source and destination regions. This means that if the build was performed in a default region, then copied to a non-default region, we'll have gotten a v1 (global) token, which will be rejected by the target region, causing the build to fail. This is already fixable by user-action, through either a setting in their AWS config file, or through an environment variable, but this may come as a surprise if users aren't aware of that pitfall. Therefore, this commit attempts to heuristically determine if an action may fail in the process, and enable regional endpoints for the EC2 session we create during a build. Note: the volume builder and the post-processor are not affected by this, as they only work within one region at a time, so the SDK will choose the right type of endpoint/token for the action, and no cross-region action will be done.
- Loading branch information
1 parent
abeb4a7
commit a15d4c2
Showing
7 changed files
with
151 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters