From 04abb4b9c1d4d2aac67d8412cebb76bfb10c6e9b Mon Sep 17 00:00:00 2001
From: Sean McGrail <mcgrails@amazon.com>
Date: Mon, 26 Apr 2021 16:39:24 -0700
Subject: [PATCH] internal/endpoints: Add support for FIPS global partition
 endpoints.

---
 internal/endpoints/endpoints.go      | 12 ++++++------
 internal/endpoints/endpoints_test.go | 26 ++++++++++++++++++++++++++
 2 files changed, 32 insertions(+), 6 deletions(-)

diff --git a/internal/endpoints/endpoints.go b/internal/endpoints/endpoints.go
index 92635a1bb55..98f3cff49ce 100644
--- a/internal/endpoints/endpoints.go
+++ b/internal/endpoints/endpoints.go
@@ -62,24 +62,24 @@ func (p Partition) canResolveEndpoint(region string) bool {
 
 // ResolveEndpoint resolves and service endpoint for the given region and options.
 func (p Partition) ResolveEndpoint(region string, options Options) (resolved aws.Endpoint, err error) {
+	e, _ := p.endpointForRegion(region)
+
 	if len(region) == 0 && len(p.PartitionEndpoint) != 0 {
 		region = p.PartitionEndpoint
 	}
 
-	e, _ := p.endpointForRegion(region)
-
 	return e.resolve(p.ID, region, p.Defaults, options), nil
 }
 
 func (p Partition) endpointForRegion(region string) (Endpoint, bool) {
-	if !p.IsRegionalized {
-		return p.Endpoints[p.PartitionEndpoint], region == p.PartitionEndpoint
-	}
-
 	if e, ok := p.Endpoints[region]; ok {
 		return e, true
 	}
 
+	if !p.IsRegionalized {
+		return p.Endpoints[p.PartitionEndpoint], region == p.PartitionEndpoint
+	}
+
 	// Unable to find any matching endpoint, return
 	// blank that will be used for generic endpoint creation.
 	return Endpoint{}, false
diff --git a/internal/endpoints/endpoints_test.go b/internal/endpoints/endpoints_test.go
index 1623d0f06d3..d9d31a57542 100644
--- a/internal/endpoints/endpoints_test.go
+++ b/internal/endpoints/endpoints_test.go
@@ -117,6 +117,12 @@ var testPartitions = Partitions{
 					Region: "cn-east-1",
 				},
 			},
+			"fips-partition": {
+				Hostname: "some-global-thing-fips.amazonaws.com.cn",
+				CredentialScope: CredentialScope{
+					Region: "cn-east-1",
+				},
+			},
 		},
 	},
 	{
@@ -182,6 +188,26 @@ func TestResolveEndpoint(t *testing.T) {
 				SigningMethod: "v4",
 			},
 		},
+		"specified partition endpoint": {
+			Region: "partition",
+			Expected: aws.Endpoint{
+				PartitionID:   "part-id-2",
+				URL:           "https://some-global-thing.amazonaws.com.cn",
+				SigningRegion: "cn-east-1",
+				SigningName:   "foo",
+				SigningMethod: "v4",
+			},
+		},
+		"fips partition endpoint": {
+			Region: "fips-partition",
+			Expected: aws.Endpoint{
+				PartitionID:   "part-id-2",
+				URL:           "https://some-global-thing-fips.amazonaws.com.cn",
+				SigningRegion: "cn-east-1",
+				SigningName:   "foo",
+				SigningMethod: "v4",
+			},
+		},
 		"region with unmodeled endpoints": {
 			Region: "eu-west-1",
 			Expected: aws.Endpoint{