Merge pull request #17165 from johngmyers/automated-cherry-pick-of-#1…
…7161-upstream-release-1.30

Automated cherry pick of #17161: Only configure STS region for Route 53 when we obtain it using IMDS
k8s-ci-robot authored Jan 3, 2025
2 parents 38b5487 + bda10ce commit 330c1a4
Showing 1 changed file with 22 additions and 19 deletions.
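--- a/dnsprovider/pkg/dnsprovider/providers/aws/route53/route53.go
+++ b/dnsprovider/pkg/dnsprovider/providers/aws/route53/route53.go
@@ -71,34 +71,37 @@ func newRoute53() (*Interface, error) {
 region = imdsRegionResp.Region
 }
 
-stsCfg, err := awsconfig.LoadDefaultConfig(ctx,
-awsconfig.WithClientLogMode(aws.LogRetries),
-awslog.WithAWSLogger(),
-awsconfig.WithRetryer(func() aws.Retryer {
-return retry.AddWithMaxAttempts(retry.NewStandard(), 5)
-}),
-awsconfig.WithRegion(region),
-)
-if err != nil {
-return nil, fmt.Errorf("failed to load default aws config for STS client: %w", err)
-}
-
 awsOptions := []func(*awsconfig.LoadOptions) error{
 awsconfig.WithClientLogMode(aws.LogRetries),
 awslog.WithAWSLogger(),
 awsconfig.WithRetryer(func() aws.Retryer {
 return retry.AddWithMaxAttempts(retry.NewStandard(), 5)
 }),
-awsconfig.WithAssumeRoleCredentialOptions(func(aro *stscreds.AssumeRoleOptions) {
-// Ensure the STS client has a region configured, if discovered by IMDS
-aro.Client = sts.NewFromConfig(stsCfg)
-}),
 }
 
 if imdsClient != nil {
-awsOptions = append(awsOptions, awsconfig.WithEC2IMDSRegion(func(o *awsconfig.UseEC2IMDSRegion) {
-o.Client = imdsClient
-}))
+stsCfg, err := awsconfig.LoadDefaultConfig(ctx,
+awsconfig.WithClientLogMode(aws.LogRetries),
+awslog.WithAWSLogger(),
+awsconfig.WithRetryer(func() aws.Retryer {
+return retry.AddWithMaxAttempts(retry.NewStandard(), 5)
+}),
+awsconfig.WithRegion(region),
+)
+if err != nil {
+return nil, fmt.Errorf("failed to load default aws config for STS client: %w", err)
+}
+
+awsOptions = append(
+awsOptions,
+awsconfig.WithEC2IMDSRegion(func(o *awsconfig.UseEC2IMDSRegion) {
+o.Client = imdsClient
+}),
+awsconfig.WithAssumeRoleCredentialOptions(func(aro *stscreds.AssumeRoleOptions) {
+// Ensure the STS client has a region configured, if discovered by IMDS
+aro.Client = sts.NewFromConfig(stsCfg)
+}),
+)
 }
 
 cfg, err := awsconfig.LoadDefaultConfig(ctx, awsOptions...)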
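Review bot: The `if imdsClient != nil` guard stands in for "the region came from IMDS", but nothing in the hunk states that invariant; `imdsClient` and `region` are assigned above the hunk in `newRoute53`, so I cannot confirm that a non-nil client always means a non-empty `region`. If it does, a comment on the branch would protect it from later edits, e.g. `// imdsClient is only set when region was read from IMDS; otherwise the SDK resolves the STS region from env/shared config`. If it does not, `stsCfg` is built with `awsconfig.WithRegion("")` and, as far as I know, the assume-role STS client then falls back to default region resolution, which is the case this change set out to pin down; `if imdsClient != nil && region != ""` would make the condition explicit. The log-mode, logger and retryer options are also written out twice (once for `stsCfg`, once in `awsOptions`) and can drift apart, so the STS calls that fetch credentials may end up with different retry or logging behaviour than the Route 53 client.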