cdklabs/aws-delivlib

Shellable's assumeRole Uses STS Global Endpoint

Closed this issue · 2 comments

STS is deprecating the use of the global endpoint and all usage needs to be switched over to the regional endpoints. The usage of the CLI to call STS to assume a different role in Shellable is still using the global endpoint: https://github.com/awslabs/aws-delivlib/blob/master/lib/shellable.ts#L357

I think there are 2 ways this could be fixed, the first being to try and set the Shellable to default to a more recent image than LinuxBuildImage.UBUNTU_14_04_BASE. The AWS CLI v2 uses regional endpoints by default. However, I'm not familiar with which version is available on the different images, so I'm not sure if that will work.

The second way to fix it is to set an environment variable in the pre-build steps. Adding export AWS_STS_REGIONAL_ENDPOINTS=regional right before the usage of STS through the AWS CLI should work.
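A sketch of the second option as shell pre-build helpers, added here as an example and not taken from aws-delivlib or from the issue author. The function names are hypothetical, and the endpoint pattern assumes the standard, GovCloud, or China partitions. It exports the variable named above and also pins the call with the CLI's `--endpoint-url` option, refusing to run when no concrete region is set.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not aws-delivlib code.

# Print the regional STS endpoint URL for a region.
# Falls back to AWS_REGION, then AWS_DEFAULT_REGION, when $1 is empty.
sts_regional_endpoint() {
  region="${1:-${AWS_REGION:-${AWS_DEFAULT_REGION:-}}}"
  case "$region" in
    "" | aws-global)
      # Without a concrete region there is no regional endpoint to target.
      echo "sts_regional_endpoint: no concrete region set" >&2
      return 1 ;;
    *[!a-z0-9-]*)
      # Reject anything that is not a plain region token before building a URL.
      echo "sts_regional_endpoint: invalid region '$region'" >&2
      return 1 ;;
    *-iso*)
      # Isolated partitions use other DNS suffixes; not covered by this sketch.
      echo "sts_regional_endpoint: unsupported partition '$region'" >&2
      return 1 ;;
    cn-*) echo "https://sts.${region}.amazonaws.com.cn" ;;
    *)    echo "https://sts.${region}.amazonaws.com" ;;
  esac
}

# Assume a role through the regional endpoint only.
# $1 = role ARN, $2 = session name, $3 = optional region override.
assume_role_regional() {
  endpoint="$(sts_regional_endpoint "${3:-}")" || return 1
  # The setting proposed in the issue, for child processes that honor it.
  export AWS_STS_REGIONAL_ENDPOINTS=regional
  # --endpoint-url pins this call regardless of the CLI version's default.
  aws sts assume-role \
    --endpoint-url "$endpoint" \
    --role-arn "$1" \
    --role-session-name "$2" \
    --output json
}

# Usage (placeholder ARN):
#   assume_role_regional "arn:aws:iam::<ACCOUNT_ID>:role/<ROLE_NAME>" build-session
```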

This issue is now marked as stale because it hasn't seen activity for a while. Add a comment or it will be closed soon.

Closing this issue as it hasn't seen activity for a while. Please add a comment @mentioning a maintainer to reopen.