From 3ffd03a59c8a25fca6012ceb55877adce3edbb8a Mon Sep 17 00:00:00 2001 From: Junaid Ali Date: Fri, 19 Sep 2025 15:02:15 +0100 Subject: [PATCH 1/4] fix(aws): set region from default profile By default when there is no region set: ``` $ asp $ env | grep -i aws AWS_DEFAULT_PROFILE= AWS_PROFILE= AWS_EB_PROFILE= AWS_REGION= AWS_DEFAULT_REGION= ``` we get this error for this command if we are using regional STS endpoints: ``` $ aws sts get-caller-identity | jq .Arn Invalid endpoint: https://sts..amazonaws.com ``` This PR ensures that a default region is always set. By default comes from `default` profile configuration, and defaults to `us-east-1` --- plugins/aws/aws.plugin.zsh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/plugins/aws/aws.plugin.zsh b/plugins/aws/aws.plugin.zsh index 0c43031df..58adfc770 100644 --- a/plugins/aws/aws.plugin.zsh +++ b/plugins/aws/aws.plugin.zsh @@ -43,6 +43,14 @@ function asp() { export AWS_EB_PROFILE=$1 export AWS_PROFILE_REGION=$(aws configure get region) + if [[ -z "${AWS_PROFILE_REGION}" ]]; then + if [[ -z "${available_profiles[(r)default]}" ]]; then + echo "region defaulting to us-east-1" + else + export AWS_PROFILE_REGION=$(aws configure get region --profile default) + fi + fi + export AWS_REGION=$AWS_PROFILE_REGION _aws_update_state From a7bd198b35389083a653d4c3f13e6d5991b9281a Mon Sep 17 00:00:00 2001 From: Junaid Ali Date: Fri, 19 Sep 2025 15:10:54 +0100 Subject: [PATCH 2/4] Update README.md --- plugins/aws/README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/plugins/aws/README.md b/plugins/aws/README.md index 0d0773f63..cbd699916 100644 --- a/plugins/aws/README.md +++ b/plugins/aws/README.md @@ -96,3 +96,14 @@ source_profile = source-profile-name region = us-east-1 output = json ``` + +## NOTES +1. If we see an issue with a `aws` CLI command for a specific region e.g: + ```shell + $ aws eks list-clusters --region me-central-1 + An error occurred (UnrecognizedClientException) when calling the ListClusters operation: The security token included in the request is invalid + ``` + Ensure you're fetching the AWS credentials from a regional STS endpoint i.e: + ```shell + $ AWS_STS_REGIONAL_ENDPOINTS=regional gimme-aws-creds + ``` From 5f2a6935f71c34d7c1eec5232c7e4bef1c2fa093 Mon Sep 17 00:00:00 2001 From: Junaid Ali Date: Fri, 19 Sep 2025 15:20:32 +0100 Subject: [PATCH 3/4] Update aws.plugin.zsh --- plugins/aws/aws.plugin.zsh | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/aws/aws.plugin.zsh b/plugins/aws/aws.plugin.zsh index 58adfc770..aa2ff63d3 100644 --- a/plugins/aws/aws.plugin.zsh +++ b/plugins/aws/aws.plugin.zsh @@ -46,6 +46,7 @@ function asp() { if [[ -z "${AWS_PROFILE_REGION}" ]]; then if [[ -z "${available_profiles[(r)default]}" ]]; then echo "region defaulting to us-east-1" + AWS_PROFILE_REGION=us-east-1 else export AWS_PROFILE_REGION=$(aws configure get region --profile default) fi From 80c3574f6c6cd706dd12ab3aba9890fff3c408f4 Mon Sep 17 00:00:00 2001 From: Junaid Ali Date: Fri, 19 Sep 2025 15:20:54 +0100 Subject: [PATCH 4/4] Update aws.plugin.zsh --- plugins/aws/aws.plugin.zsh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/aws/aws.plugin.zsh b/plugins/aws/aws.plugin.zsh index aa2ff63d3..d6484aace 100644 --- a/plugins/aws/aws.plugin.zsh +++ b/plugins/aws/aws.plugin.zsh @@ -46,7 +46,7 @@ function asp() { if [[ -z "${AWS_PROFILE_REGION}" ]]; then if [[ -z "${available_profiles[(r)default]}" ]]; then echo "region defaulting to us-east-1" - AWS_PROFILE_REGION=us-east-1 + export AWS_PROFILE_REGION=us-east-1 else export AWS_PROFILE_REGION=$(aws configure get region --profile default) fi