Incorrect service URL generated when region name is uppercase

[gamerover98]

Describe the bug

When using Region.of(...) to configure a CognitoIdentityProviderAsyncClient, if the region name is provided in uppercase (e.g., EU-WEST-1), the generated service URL contains the region in uppercase, causing authentication requests to fail: https://cognito-idp.EU-WEST-1.amazonaws.com.

leads to an error when making admin API calls.

Regression Issue

• Select this option if this issue appears to be a regression.

Expected Behavior

The SDK should normalize the region name to lowercase when generating service URLs, ensuring compatibility with AWS services. The expected URL should be: https://cognito-idp.eu-west-1.amazonaws.com

Current Behavior

When passing an uppercase region name to Region.of(...), the generated URL includes the region in uppercase, leading to a 400 Bad Request error from Cognito Identity Provider.

Exception thrown:

software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException: Credential should be scoped to a valid region.  (Service: CognitoIdentityProvider, Status Code: 400, Request ID: 1*******-****-****-*-***********0)

Reproduction Steps

1. Create a CognitoIdentityProviderAsyncClient bean with Region.of("EU-WEST-1"):

@Bean
public CognitoIdentityProviderAsyncClient cognitoIdentityProviderAsyncClient() {
    return CognitoIdentityProviderAsyncClient
            .builder()
            .region(Region.of("EU-WEST-1"))
            .credentialsProvider(EnvironmentVariableCredentialsProvider.create())
            .build();
}

2. Call an admin API, such as adminGetUser:

Mono.fromFuture(
    cognitoIdentityProviderAsyncClient
        .adminGetUser(
            AdminGetUserRequest
                .builder()
                .username(username)
                .userPoolId(poolId)
                .build()))
.map(response -> ...);

3. Observe the exception indicating an invalid region: Credential should be scoped to a valid region

Possible Solution

The Region.of(...) method should automatically convert region names to lowercase before generating service URLs.
This behavior should align with AWS's expected endpoint formats and ensure that uppercase inputs do not break API calls.

Additional Information/Context

No response

AWS Java SDK version used

software.amazon.awssdk:cognitoidentityprovider:2.30.7

JDK version used

21

Operating System and version

Windows 11 Pro, SAM-CLI 1.132.0 and Docker v4.37.1

[RanVaknin]

Hi @gamerover98,

Thanks for reaching out. The SDK requires the exact region name in order to correctly target the correct AWS endpoint for that particular service.

Since the actual behavior matches our documentation this would be more of a feature request than a bug. In terms of normalization behavior, we can't apply lower case by default to every region name because the endpoint resolver is meant to support any region that may be introduced in for forward compatibility reasons. Hand-maintaining a list to lower-case would be an anti pattern. For this reason we are not inclined to go ahead with this feature.

If you wish to avoid worrying about casing you can use the Region enum:

Ec2Client ec2 = Ec2Client.builder()
          .region(Region.US_WEST_2)
          .build();

Thanks,
Ran~

[github-actions]

This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.