[Bug]: AWS Provider fails with opt-in regions and assume role configuration #32549
Labels
authentication
Pertains to authentication; to the provider itself or otherwise.
bug
Addresses a defect in current functionality.
provider
Pertains to the provider itself, rather than any interaction with AWS.
Terraform Core Version
1.5.3
AWS Provider Version
v4.57.0
Affected Resource(s)
provider "aws" {}
Expected Behavior
AWS role should be allowed to be assumed in an opt-in region even if the identity (assuming account) does not have the opt-in region enabled.
Actual Behavior
This configuration works when the identity's account has the same opt-in region enabled. It does not work when the region is only enabled in the account the assumed role resides in.
Relevant Error/Panic Output Snippet
AWS Error: operation error STS: AssumeRole, https response error StatusCode: 403, RequestID: 59fbba66-d74e-4d74-9ffb-bd9940ccadd3, api error InvalidClientTokenId: The security token included in the request is invalid
Terraform Configuration Files
Steps to Reproduce
Debug Output
No response
Panic Output
No response
Important Factoids
No response
References
No response
Would you like to implement a fix?
None