This PR adds the ability to specify a region in the vault itself or on the CLI via the --region … flag. Thankfully, the AWS SDK handles most of the heavy lifting as long as the region is specified (including selecting the correct partition and endpoints).
Unfortunately, the standard partition defaults to using the global STS endpoint rather than respecting the region specification, so a custom resolver had to be implemented to select region-local endpoints. However, the global STS endpoint is still used if no region is specified.
To help smooth over the user experience, the session cache has been upgraded to be able to cache sessions from multiple different variations of a vault. (i.e. different regions or similar)
This PR adds the ability to specify a region in the vault itself or on the CLI via the
--region …
flag. Thankfully, the AWS SDK handles most of the heavy lifting as long as the region is specified (including selecting the correct partition and endpoints).Unfortunately, the standard partition defaults to using the global STS endpoint rather than respecting the region specification, so a custom resolver had to be implemented to select region-local endpoints. However, the global STS endpoint is still used if no region is specified.
To help smooth over the user experience, the session cache has been upgraded to be able to cache sessions from multiple different variations of a vault. (i.e. different regions or similar)