mhart / aws4

Signs and prepares Node.js requests using AWS Signature Version 4
MIT License

Make STS multi-region #162

Open perpil opened 10 months ago

perpil commented 10 months ago

STS has been multi-region for some time now. It's a best practice to use the regional endpoint for latency and availability reasons.

mhart commented 6 months ago

I appreciate this change – unfortunately it would be (arguably) backwards incompatible, so I suspect it would need to land on a major update (ie, when/if this moves to 2.x). I say arguably because it shouldn't break anything per se, but it would potentially change where people's requests are going, which may be unexpected.

Just as an FYI for anyone stumbling across this – you can specify your own host to override this behaviour and still have it work with multi-region STS. ie:

aws4.sign({ host: 'sts.us-west-2.amazonaws.com', path: '/?Action=AssumeRole' })

(it will pull out the service and region correctly from the host – but you can also supply them yourself as well, there's no harm in that, and generally if you give service, region and host you've got the highest chance of signing everything correctly)
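
Added example (not part of this thread and not aws4's own code): a minimal SigV4 signer built only on Node's `crypto`, showing why the host matters for multi-region STS. The region derived from the host goes into the credential scope and the signing key, so the regional and global endpoints yield different signatures. `scopeFromHost`, `signGet`, the simplified host parsing (including the `us-east-1` fallback for `sts.amazonaws.com`) and the credentials are assumptions constructed for illustration.

```javascript
const crypto = require('crypto');

const hmac = (key, data) => crypto.createHmac('sha256', key).update(data).digest();
const sha256 = (data) => crypto.createHash('sha256').update(data).digest('hex');

// Simplified host parsing (assumption for this example, not aws4's own logic):
// "sts.us-west-2.amazonaws.com" -> sts / us-west-2
// "sts.amazonaws.com" (global endpoint) -> sts / us-east-1
function scopeFromHost(host) {
  const m = /^([a-z0-9-]+)(?:\.([a-z0-9-]+))?\.amazonaws\.com$/.exec(host);
  if (!m) throw new Error(`cannot derive service/region from host: ${host}`);
  return { service: m[1], region: m[2] || 'us-east-1' };
}

// Sign a body-less GET. amzDate is an ISO 8601 basic timestamp (20240101T000000Z).
// The query string is assumed to be URI-encoded already.
function signGet({ host, path, accessKeyId, secretAccessKey, amzDate }) {
  const { service, region } = scopeFromHost(host);
  const date = amzDate.slice(0, 8);
  const scope = `${date}/${region}/${service}/aws4_request`;
  const [pathname, query = ''] = path.split('?');
  const canonicalRequest = [
    'GET',
    pathname,
    query.split('&').filter(Boolean).sort().join('&'),
    `host:${host}\nx-amz-date:${amzDate}\n`,
    'host;x-amz-date',
    sha256(''), // hash of the empty payload
  ].join('\n');
  const stringToSign = ['AWS4-HMAC-SHA256', amzDate, scope, sha256(canonicalRequest)].join('\n');
  // The signing key is derived from date, region and service, so it is region-bound.
  const signingKey = [date, region, service, 'aws4_request']
    .reduce((key, part) => hmac(key, part), `AWS4${secretAccessKey}`);
  const signature = hmac(signingKey, stringToSign).toString('hex');
  const authorization = `AWS4-HMAC-SHA256 Credential=${accessKeyId}/${scope}, SignedHeaders=host;x-amz-date, Signature=${signature}`;
  return { service, region, scope, signature, authorization };
}

// Constructed placeholder credentials and timestamp, not real values.
const creds = { accessKeyId: 'AKIDEXAMPLE', secretAccessKey: 'EXAMPLE-SECRET', amzDate: '20240101T000000Z' };
const path = '/?Action=AssumeRole';
const regional = signGet({ host: 'sts.us-west-2.amazonaws.com', path, ...creds });
const globalEp = signGet({ host: 'sts.amazonaws.com', path, ...creds });
console.log(regional.scope, regional.signature);
console.log(globalEp.scope, globalEp.signature);
```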