Enable the use of the FIPS endpoint for the S3_file resource and up…

…date the `create_aws_interface` method to support this functionality (#490) * allow using FIPS endpoint for S3_file resource and update `create_aws_interface` to support it * update the readme * update * Update libraries/ec2.rb Co-authored-by: Corey Hemminger <[email protected]> * fix the use_fips_endpoint`use_fips_endpoint` oassed into `create_aws_interface` * Fixes to get CI to run Signed-off-by: Lance Albertson <[email protected]> --------- Signed-off-by: Lance Albertson <[email protected]> Co-authored-by: Archie Gunasekara <[email protected]> Co-authored-by: Corey Hemminger <[email protected]> Co-authored-by: Lance Albertson <[email protected]>
sous-chefs · Oct 27, 2024 · 6b6e856 · 6b6e856
1 parent 5ee7425
commit 6b6e856
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,8 @@ This file is used to list changes made in each version of the aws cookbook.
 
 ## Unreleased
 
+- Enable the use of the FIPS endpoint for the `S3_file` resource and update the `create_aws_interface` method to support this functionality
+
 ## 9.1.7 - *2024-07-10*
 
 Standardise files with files in sous-chefs/repo-management
@@ -647,7 +649,6 @@ Update checkout to v3 in ci.yml
 [@bazbremner]: https://github.com/bazbremner
 [@dhui]: https://github.com/dhui
 [@drmerlin]: https://github.com/DrMerlin
-[@drywheat]: https://github.com/drywheat
 [@knorby]: https://github.com/knorby
 [@miketheman]: https://github.com/miketheman
 [@mkantor]: https://github.com/mkantor

diff --git a/libraries/ec2.rb b/libraries/ec2.rb
@@ -69,8 +69,10 @@ def fallback_region
 
     # setup AWS instance using passed creds, iam profile, or assumed role
     def create_aws_interface(aws_interface, **opts)
+      use_fips_endpoint = opts.key?(:use_fips_endpoint) ? opts[:use_fips_endpoint] : false
       aws_interface_opts = { region: opts[:region],
-                             http_proxy: ENV['http_proxy'] }
+                             http_proxy: ENV['http_proxy'],
+                             use_fips_endpoint: use_fips_endpoint }
 
       if opts[:mock] # return a mocked interface
         aws_interface_opts[:stub_responses] = true

diff --git a/resources/s3_file.rb b/resources/s3_file.rb
@@ -17,6 +17,7 @@
 property :manage_symlink_source, [true, false]
 property :virtual_host, [true, false], default: false
 property :s3_url, String
+property :use_fips_endpoint, [true, false], default: false
 # Intentionally not using platform_family?('windows') due to a bug/issue
 # where this method is not abvailable in the context of gating properties
 # TODO: update when this is fixed
@@ -60,7 +61,7 @@ def s3
     require 'aws-sdk-s3'
 
     Chef::Log.debug('Initializing the S3 Client')
-    @s3 ||= create_aws_interface(::Aws::S3::Client, region: new_resource.region)
+    @s3 ||= create_aws_interface(::Aws::S3::Client, region: new_resource.region, use_fips_endpoint: new_resource.use_fips_endpoint)
   end
 
   def s3_obj