the ClientFactory class currently uses STS Regional Endpoints for getting credentials which is 👍
However there is no way to configure the client to use FIPS endpoints.
This line in the clientfactory.get_assume_role_credentials function is the cause of the issue:
assume_role_response = boto3.client('sts', region_name=region, endpoint_url="https://sts." + region + ".amazonaws.com").assume_role(RoleArn=role_arn,RoleSessionName="configLambdaExecution",DurationSeconds=CONFIG_ROLE_TIMEOUT_SECONDS)
the ClientFactory class currently uses STS Regional Endpoints for getting credentials which is 👍 However there is no way to configure the client to use FIPS endpoints. This line in the
clientfactory.get_assume_role_credentials
function is the cause of the issue: