shantanugupta
commented
2 years ago Upon debugging the issue, if we are not passing region explicitly - enpoint URL gets resolved for global. #endpoint_url = 'https://sts.cn-north-1.amazonaws.com.cn' region_name = 'cn-north-1'
If we provide region_name in boto3, it was able to resolve the url. So region_name should be provided by the dev explicitly or region should be pulled from profile before hitting sts request.
client = boto3.client( 'sts', aws_access_key_id=lt_key_id, aws_secret_access_key=lt_access_key, #endpoint_url = 'https://sts.cn-north-1.amazonaws.com.cn' region_name = 'cn-north-1' )
Added a pull request to resolve this - https://github.com/broamski/aws-mfa/pull/77
Upon debugging the issue, if we are not passing region explicitly - enpoint URL gets resolved for global.
endpoint_url = 'https://sts.cn-north-1.amazonaws.com.cn'
region_name = 'cn-north-1'
If we provide region_name in boto3, it was able to resolve the url. So region_name should be provided by the dev explicitly or region should be pulled from profile before hitting sts request.
client = boto3.client( 'sts', aws_access_key_id=lt_key_id, aws_secret_access_key=lt_access_key,
endpoint_url = 'https://sts.cn-north-1.amazonaws.com.cn'