search

aws / aws-sdk-go-v2

AWS SDK for the Go programming language.
https://aws.github.io/aws-sdk-go-v2/docs/
Apache License 2.0
2.5k stars 602 forks source link

EndpointResolverV2 doesn't error if an endpoint is not found #2584

Closed rifelpet closed 3 months ago

rifelpet commented 3 months ago

Acknowledgements

Describe the bug

The ResolveEndpoint methods on EndpointResolverV2 types claim to return an error if an endpoint is not found:

https://github.com/aws/aws-sdk-go-v2/blob/5a6b2c00c974396bf1d726e1a7acb3312a34c1e7/service/ec2/endpoints.go#L291-L298

However this is not the case.

Expected Behavior

An error to be returned if an endpoint is not found

Current Behavior

An endpoint is returned that includes the invalid EndpointParameters values.

Reproduction Steps

While go playground wont run the code in the browser, this can be ran locally to demonstrate that no error is returned:

https://go.dev/play/p/DaFEJcapgvl

    resolver := ec2.NewDefaultEndpointResolverV2()
    endpoint, err := resolver.ResolveEndpoint(ctx, ec2.EndpointParameters{Region: aws.String("us-abcdefg-1")})
go run main.go
{URI:{Scheme:https Opaque: User: Host:sts.us-abcdefg-1.amazonaws.com Path: RawPath: OmitHost:false ForceQuery:false RawQuery: Fragment: RawFragment:} Headers:map[] Properties:{values:map[]}}, <nil>

Possible Solution

The resolver calls this internal function:

https://github.com/aws/aws-sdk-go-v2/blob/5a6b2c00c974396bf1d726e1a7acb3312a34c1e7/internal/endpoints/awsrulesfn/partition.go#L32-L56

which falls back to the default aws partition, causing the incorrect endpoint to use the aws partition's DNS suffix.

Additional Information/Context

Being able to determine whether a region is included in the SDK or not is useful to shortcut having to make an API call to ec2.DescribeRegions.

This was possible in the v1 SDK: https://go.dev/play/p/9rp92s-CpXe

AWS Go SDK V2 Module Versions Used

    github.com/aws/aws-sdk-go v1.51.6
    github.com/aws/aws-sdk-go-v2 v1.26.0
    github.com/aws/aws-sdk-go-v2/config v1.27.9
    github.com/aws/aws-sdk-go-v2/credentials v1.17.9
    github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.0
    github.com/aws/aws-sdk-go-v2/service/ec2 v1.152.0
    github.com/aws/aws-sdk-go-v2/service/kms v1.30.0
    github.com/aws/aws-sdk-go-v2/service/s3 v1.53.0

Compiler and Version used

go version go1.22.1 darwin/arm64

Operating System and version

MacOS 14.4.1

RanVaknin commented 3 months ago

Hi @rifelpet ,

Thanks for reaching out.

What you are describing is the intended behavior. The SDK treats region identifiers as opaque strings and does not strip or validate them. When it encounters an unknown or invalid region string, instead of throwing an error, it defaults to using the AWS partition’s endpoint. This behavior ensures that the SDK remains forward-compatible, allowing new regions to "just work" as they become available without needing to update to the SDK.

Thanks, Ran~