Merge pull request #17161 from jValdron/route53-only-config-sts-for-idms

Only configure STS region for Route 53 when we obtain it using IDMS

dnsprovider/pkg/dnsprovider/providers/aws/route53/route53.go

@@ -71,6 +71,15 @@ func newRoute53() (*Interface, error) {
 		region = imdsRegionResp.Region
 	}
 
+	awsOptions := []func(*awsconfig.LoadOptions) error{
+		awsconfig.WithClientLogMode(aws.LogRetries),
+		awslog.WithAWSLogger(),
+		awsconfig.WithRetryer(func() aws.Retryer {
+			return retry.AddWithMaxAttempts(retry.NewStandard(), 5)
+		}),
+	}
+
+	if imdsClient != nil {
 		stsCfg, err := awsconfig.LoadDefaultConfig(ctx,
 			awsconfig.WithClientLogMode(aws.LogRetries),
 			awslog.WithAWSLogger(),
@@ -83,22 +92,16 @@ func newRoute53() (*Interface, error) {
 			return nil, fmt.Errorf("failed to load default aws config for STS client: %w", err)
 		}
 
-	awsOptions := []func(*awsconfig.LoadOptions) error{
+		awsOptions = append(
-		awsconfig.WithClientLogMode(aws.LogRetries),
+			awsOptions,
-		awslog.WithAWSLogger(),
+			awsconfig.WithEC2IMDSRegion(func(o *awsconfig.UseEC2IMDSRegion) {
-		awsconfig.WithRetryer(func() aws.Retryer {
+				o.Client = imdsClient
-			return retry.AddWithMaxAttempts(retry.NewStandard(), 5)
 			}),
 			awsconfig.WithAssumeRoleCredentialOptions(func(aro *stscreds.AssumeRoleOptions) {
 				// Ensure the STS client has a region configured, if discovered by IMDS
 				aro.Client = sts.NewFromConfig(stsCfg)
 			}),
-	}
+		)
-
-	if imdsClient != nil {
-		awsOptions = append(awsOptions, awsconfig.WithEC2IMDSRegion(func(o *awsconfig.UseEC2IMDSRegion) {
-			o.Client = imdsClient
-		}))
 	}
 
 	cfg, err := awsconfig.LoadDefaultConfig(ctx, awsOptions...)