From 703fe6f2989c7687ec17fa08a6ccd6893de2ddb7 Mon Sep 17 00:00:00 2001
From: justinsb
Date: Sun, 25 Aug 2024 14:23:46 -0400
Subject: [PATCH] dns: don't use IMDS region resolver when it previously failed

This should allow use to IMDS on EC2, but not when not running on EC2, for example when running `kops update cluster`.
---
 .../dnsprovider/providers/aws/route53/route53.go | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/dnsprovider/pkg/dnsprovider/providers/aws/route53/route53.go b/dnsprovider/pkg/dnsprovider/providers/aws/route53/route53.go
index 1bd7c14a11..4f96f07617 100644
--- a/dnsprovider/pkg/dnsprovider/providers/aws/route53/route53.go
+++ b/dnsprovider/pkg/dnsprovider/providers/aws/route53/route53.go
@@ -67,6 +67,8 @@ func newRoute53() (*Interface, error) {
 imdsRegionResp, err := imdsClient.GetRegion(ctx, &imds.GetRegionInput{})
 if err != nil {
 klog.V(4).Infof("Unable to discover region by IMDS, using SDK defaults: %s", err)
+ // Don't use imdsClient if it's erroring (we're probably not running on EC2 here, e.g. kops update)
+ imdsClient = nil
 } else {
 region = imdsRegionResp.Region
 }
@@ -83,7 +85,7 @@ func newRoute53() (*Interface, error) {
 return nil, fmt.Errorf("failed to load default aws config for STS client: %w", err)
 }
- cfg, err := awsconfig.LoadDefaultConfig(ctx,
+ awsOptions := []func(*awsconfig.LoadOptions) error{
 awsconfig.WithClientLogMode(aws.LogRetries),
 awslog.WithAWSLogger(),
 awsconfig.WithRetryer(func() aws.Retryer {
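Review bot: In the first hunk, `imdsClient = nil` runs for every error returned by `GetRegion`, so a timed-out or otherwise failed metadata request on an EC2 instance would disable the IMDS region resolver exactly like the off-EC2 case the new comment describes. The only trace is the existing V(4) message, which does not say that the resolver is being dropped for the rest of config loading; wording it as `klog.V(4).Infof("Unable to discover region by IMDS, skipping IMDS region resolver and using SDK defaults: %v", err)` would let an unexpected region fallback be diagnosed from the logs. Whether the `GetRegion` call is bounded by a timeout on `ctx` cannot be seen here, because newRoute53 starts before and continues after this hunk.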
@@ -93,11 +95,15 @@ func newRoute53() (*Interface, error) {
 // Ensure the STS client has a region configured, if discovered by IMDS
 aro.Client = sts.NewFromConfig(stsCfg)
 }),
- awsconfig.WithEC2IMDSRegion(func(o *awsconfig.UseEC2IMDSRegion) {
- o.Client = imdsClient
- }),
- )
+ }
+ if imdsClient != nil {
+ awsOptions = append(awsOptions, awsconfig.WithEC2IMDSRegion(func(o *awsconfig.UseEC2IMDSRegion) {
+ o.Client = imdsClient
+ }))
+ }
+
+ cfg, err := awsconfig.LoadDefaultConfig(ctx, awsOptions...)
 if err != nil {
 return nil, fmt.Errorf("failed to load default aws config: %w", err)
 }
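Review bot: When `imdsClient` is nil, the region for `cfg` comes only from the SDK's default sources, and nothing visible in this hunk checks that one was actually resolved after `LoadDefaultConfig` returns. If that is not validated later in newRoute53 (the function continues outside the hunk), an empty region would presumably surface only at the first Route 53 request; a line such as `if cfg.Region == "" { klog.Warningf("no AWS region resolved for Route53 client") }` after the error check would make it visible earlier. The new `if imdsClient != nil` block also has no comment tying it to the earlier reset; something like `// imdsClient is nil when the IMDS region lookup above failed` would help the next reader.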