-
-
Notifications
You must be signed in to change notification settings - Fork 517
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Replace dynamic DNS suffix resolution for trusted service endpoints with static *.amazonaws.com
#125
feat: Replace dynamic DNS suffix resolution for trusted service endpoints with static *.amazonaws.com
#125
Conversation
Hard coding it to amazonaws.com for identifiers. It is same in AWS China as well. I have created the resource manually in AWS China to test it. I was not able to create when I was using the value that is coming from data source (data.aws_partition.current.dns_suffix) which is amazonaws.com.cn. It accepts only amazonaws.com https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html#procedure_check_execution_role
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good. Could you please fix the broken CI and we can merge it?
*.amazonaws.com
I've asked internally if all trusted endpoint identifers should simply be this should be all set @antonbabenko |
@antonbabenko if you get a moment, thank you 🙏🏽 ! |
## [5.5.0](v5.4.0...v5.5.0) (2023-10-31) ### Features * Replace dynamic DNS suffix resolution for trusted service endpoints with static `*.amazonaws.com` ([#125](#125)) ([f84dc7d](f84dc7d))
This PR is included in version 5.5.0 🎉 |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
Hard coding it to amazonaws.com for identifiers. It is same in AWS China as well. I have created the resource manually in AWS China to test it. I was not able to create when I was using the value that is coming from data source (data.aws_partition.current.dns_suffix) which is amazonaws.com.cn. It accepts only amazonaws.com https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html#procedure_check_execution_role
This Change is tested in my local. It works for both AWS Commercial and AWS China.
Without this change, I get the below error in AWS China.
Description
Motivation and Context
Breaking Changes
How Has This Been Tested?
examples/*
to demonstrate and validate my change(s)examples/*
projectspre-commit run -a
on my pull request