ARTIFACTORY: Connect Artifactory to S3 Bucket with IAM Role when using instances, S3 bucket in Hyderabad [ap-south-2] region

ARTIFACTORY: Connect Artifactory to S3 Bucket with IAM Role when using instances, S3 bucket in Hyderabad [ap-south-2] region

AuthorFullName__c
Vignesh Surendrababu
articleNumber
000005913
ft:sourceType
Salesforce
FirstPublishedDate
2023-11-21T16:11:26Z
lastModifiedDate
2023-11-21
VersionNumber
3

To connect to an S3 bucket from Artifactory while using EKS, follow the instructions available at [Connect Artifactory to S3 Bucket with IAM Role]. However, when configuring instances, and buckets in regions like ap-south-2, it is necessary to update the following settings in AWS.

User-added image
Currently, AWS Service Accounts within the Kubernetes cluster generate a token [AWS Security Token Service], and all STS requests are directed to a single endpoint at [https://sts.amazonaws.com]. 

However, since these requests go to the global endpoint, the resulting session tokens might be valid in some regions but not in others. This discrepancy arises because AWS regions where the region is enabled by default use the Version 1 mechanism, rendering the tokens incompatible with regions where the region must be manually enabled. 

For instance, in the Hyderabad region, the region is not enabled by default and must be manually enabled. For further details, refer to this article: [AWS IAM User Guide - Enabling Regions]."