Skip to content

Fix SSM endpoint for Gov regions#693

Merged
shreyamalpani merged 4 commits intomainfrom
shreya.malpani/fix-ssm-gov-endpoint
Dec 5, 2025
Merged

Fix SSM endpoint for Gov regions#693
shreyamalpani merged 4 commits intomainfrom
shreya.malpani/fix-ssm-gov-endpoint

Conversation

@shreyamalpani
Copy link
Contributor

@shreyamalpani shreyamalpani commented Dec 1, 2025
edited
Loading

What does this PR do?

Overrides the SSM url to be ssm-fips.{REGION}.amazonaws.com only in commercial FIPS mode. Gov endpoints should use the default ssm.{REGION}.amazonaws.com. https://docs.aws.amazon.com/general/latest/gr/ssm.html

Motivation

Customer reported Datadog Forwarder getting API key from SSM in gov region is not working SLES-2580

Testing Guidelines

Additional Notes

Types of Changes

  • Bug fix
  • New feature
  • Breaking change
  • Misc (docs, refactoring, dependency upgrade, etc.)

Check all that apply

  • This PR's description is comprehensive
  • This PR contains breaking changes that are documented in the description
  • This PR introduces new APIs or parameters that are documented and unlikely to change in the foreseeable future
  • This PR impacts documentation, and it has been updated (or a ticket has been logged)
  • This PR's changes are covered by the automated tests
  • This PR collects user input/sensitive content into Datadog
  • This PR passes the integration tests (ask a Datadog member to run the tests)

@shreyamalpani shreyamalpani marked this pull request as ready for review December 4, 2025 21:01
@shreyamalpani shreyamalpani requested review from a team as code owners December 4, 2025 21:01
joeyzhao2018
joeyzhao2018 reviewed Dec 5, 2025
View reviewed changes
Copy link
Contributor

@joeyzhao2018 joeyzhao2018 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. Based on aws doc, not all commercial regions support ssm-fips endpoint.
  2. When the configuration explicitly enabled FIPS mode but the endpoint is not supported, a warning log is needed IMHO.

joeyzhao2018
joeyzhao2018 approved these changes Dec 5, 2025
View reviewed changes
Copy link
Contributor

@joeyzhao2018 joeyzhao2018 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@shreyamalpani shreyamalpani merged commit ed75966 into main Dec 5, 2025
106 checks passed
@shreyamalpani shreyamalpani deleted the shreya.malpani/fix-ssm-gov-endpoint branch December 5, 2025 21:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@joeyzhao2018 joeyzhao2018 joeyzhao2018 approved these changes

@litianningdatadog litianningdatadog litianningdatadog approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@shreyamalpani @joeyzhao2018 @litianningdatadog