JENKINS-63982 Support EC2/S3 Endpoints for AWS-CN Partition #531
Conversation
There was a problem hiding this comment.
How can I test it? I tried to set an alternate ec2 endpoint using https://ec2.cn-north-1.amazonaws.com.cn but the regions didn't get populated.
Do I have to be in China or china vpn or maybe some restriction I have?
I would like to take another approach to avoid the hack for comparing the region with cn-. For example by changing the connect method to pass to it the region instead of the endpoint, so the SDK is the one which calculate the final endpoint, not us. The only problem is how to pass the proxy configured in Jenkins.
AWS-CN is a different partition, you need to be operating in it (e.g. EC2 Instance locally, or AWS-CN IAM Credentials). If you have AWS "global" credentials and try to access the AWS-CN region it won't do. If you check the logs, you probably received the following response from AWS API: {code}
You would need an AWS Account in AWS-CN. Due Chinese regulations you need identity verification, more information https://www.amazonaws.cn/en/about-aws/china/faqs/#beijing-account-cn
I wish the SDK had a better way of determining the partition, unfortunately I could not find a better way. |
AWS operates different Partitions such as US-GovCloud and AWS-CN. This patch improves support for Jenkins instances operating ec2-plugin in the AWS-CN partition as it has a different DNS Suffix than those in US-based Amazon Web Services.
els-grazziotinf
force-pushed
the
master
branch
from
688f63a
to
9969c34
Compare
I was going to remove it but saw Eucalyptus.java also has references to it, decided to play safe. |
|
Thank you for your contribution @els-grazziotinf 👏 |
AWS operates different Partitions such as US-GovCloud and AWS-CN.
This patch improves support for Jenkins instances operating
ec2-plugin in the AWS-CN partition as it has a different DNS Suffix
than those in US-based Amazon Web Services.