Closed CharmanderJieniJieni closed 1 week ago
Thanks for reaching out. Here are the currently supported FIPS endpoints for reference: https://aws.amazon.com/compliance/fips/. The AWS CLI is working as intended here and resolving to the correct endpoint when AWS_USE_FIPS_ENDPOINT
is set. There are not plans to support a redirect for non-FIPS supported regions. You can manually specify the endpoint URL if necessary by using aws s3 ls --endpoint-url https://s3.ap-southeast-1.amazonaws.com
This issue is now closed. Comments on closed issues are hard for our team to see. If you need more assistance, please open a new issue that references this one.
Describe the bug
We have
AWS_USE_FIPS_ENDPOINT
enabled and noticed that if we are making aws cli calls to regions which does not support fips service endpoint, AWS CLI still tries to append-fips
in the api call which ends up with DNS resolving error.Expected Behavior
For example, If I enable
AWS_USE_FIPS_ENDPOINT
and then do aaws s3 ls --region ap-southeast-1
. The API call should redirect to "https://s3.ap-southeast-1.amazonaws.com/" since FIPs service endpoint is not in this regionCurrent Behavior
Currently will get below error
Reproduction Steps
AWS_USE_FIPS_ENDPOINT
Possible Solution
No response
Additional Information/Context
No response
CLI version used
2.16.9
Environment details (OS name and version, etc.)
Ubuntu 20