Config creation ignores region settings

ewestern commented 2 years ago

Do not use the issues tracker for help or support (try Elixir Forum, Slack, IRC, etc.)
Questions about how to contribute are fine.

Environment

Erlang/OTP 24 [erts-12.0.4] [source] [64-bit] [smp:16:16] [ds:16:16:10] [async-threads:1] [jit]

Elixir 1.12.2 (compiled with Erlang/OTP 24)

ExAws version mix deps |grep ex_aws
ex_aws 2.2.6 (Hex package) (mix) locked at 2.2.6 (ex_aws) c22ce2b8
ex_aws_kinesis (Hex package) (mix) locked at 2.0.1 (ex_aws_kinesis) 7ba0e467
ex_aws_s3 2.3.0 (Hex package) (mix) locked at 2.3.0 (ex_aws_s3) 0b13b114
HTTP client version. IE for hackney do mix deps | grep hackney

hackney 1.18.0 (Hex package) (rebar3) locked at 1.18.0 (hackney) 9afcda62

Current behavior

Given config:

config :ex_aws,
access_key_id: [{:awscli, "foo", 30}, :instance_role],
secret_access_key: [{:awscli, "bar", 30}, :instance_role],
region: "us-west-1"

And Config creation:

ExAws.Config.new(:s3, [region: "us-west-1"])

I would expect a Config like:

%{
  access_key_id: "XXXX",
  host: "s3.us-west-1.amazonaws.com",
  http_client: ExAws.Request.Hackney,
  json_codec: Jason,
  normalize_path: true,
  port: 443,
  region: "us-west-1",
  retries: [max_attempts: 10, base_backoff_in_ms: 10, max_backoff_in_ms: 10000],
  role_arn: "arn:aws:iam::XXXXX:role/xxxxx,
  role_session_name: "pfrance",
  scheme: "https://",
  secret_access_key: "XXXXXX",
  security_token: "XXXXX",
  source_profile: "default"
}

Expected behavior

In fact, the config created is:

%{
  access_key_id: "XXXX",
  host: "s3.us-west-1.amazonaws.com",
  http_client: ExAws.Request.Hackney,
  json_codec: Jason,
  normalize_path: true,
  port: 443,
  region: "us-east-2",
  retries: [max_attempts: 10, base_backoff_in_ms: 10, max_backoff_in_ms: 10000],
  role_arn: "arn:aws:iam::XXXX:role/xxxxxr",
  role_session_name: "pfrance",
  scheme: "https://",
  secret_access_key: "XXXX",
  security_token: "XXXX",
  source_profile: "default"
}

This prevents successful actions against S3 resources in non-us-east-2 regions.

bernardd commented 2 years ago

Yep, this is a known issue - there was an attempt to fix it not so long ago over in #796, but it turns out to be more complex. I'd welcome a PR if anyone has the time to address it.

tomjakubowski commented 2 years ago

Just a note for other readers, same bug as #521. That one has a more complete description of the problem, that it involves profiles configured in ~/.aws/config with a region

ex-aws / ex_aws