Feat: add check to use AWS SSO region to generate AWS SSO sessions

[garysassano]

When you add a new AWS SSO integration, Leapp sets the wrong region for the individual accounts. In my case I selected eu‑west‑1 when adding a new AWS SSO integration, but Leapp added all the accounts under us‑east‑1 instead so I had to manually change the region for each of them.

[ericvilla]

HI @garysassano, thank you for reporting! Actually, the region selected during AWS SSO integration creation differs from the default AWS region that is specified in the General settings tab. The first one is used to log into AWS SSO, while the second one is applied to the sessions. The first one must correspond to the region in which the AWS SSO installation resides; on the other hand, the default AWS region (that you can find in the General settings) is applied to the sessions and, therefore, written in the ~/.aws/credentials file when the session is activated.

[garysassano]

@ericvilla I understand what you are saying, but I would have expected that all sessions inherited the region from the AWS SSO when adding an integration. Also, I've just noticed that if you modify the default AWS Region in General settings, that doesn't get applied to alredy existing integrations, you need to remove an readd them. I think this behaviour should made more obvious for the final user, maybe by adding an extra checkbox in the Add New Integration window that says "inherit Sessions region from default region in General settings" so an user can opt out and inherit from the region where AWS SSO is installed instead.

[andreacavagna01]

Moving this bug to enhancement to and renaming to: "Feat: add check to use AWS SSO region to generate AWS SSO sessions"