Make region flag optional

cmd/server/main.go

@@ -39,7 +39,7 @@ func main() {
 		livezPath     = flag.String("livez-path", "/livez", "liveness/connectivity check path")
 		addr          = flag.String("listen", "/var/run/kmsplugin/socket.sock", "GRPC listen address")
 		key           = flag.String("key", "", "AWS KMS Key")
-		region        = flag.String("region", "us-east-1", "AWS Region")
+		region        = flag.String("region", "", "AWS Region")
 		kmsEndpoint   = flag.String("kms-endpoint", "", "use this KMS endpoint instead of the one generated by AWS sdk")
 		qpsLimit      = flag.Int("qps-limit", 0, "number of requests per second to allow for KMS API calls (0 to not rate limit)")
 		burstLimit    = flag.Int("burst-limit", 0, "number of tokens that can be consumed in a single call")

pkg/cloud/cloud.go

@@ -17,6 +17,7 @@ import (
 	"fmt"
 
 	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/ec2metadata"
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/kms"
 	"github.com/aws/aws-sdk-go/service/kms/kmsiface"
@@ -28,17 +29,22 @@ type AWSKMS struct {
 }
 
 func New(region, kmsEndpoint string, qps, burst int) (*AWSKMS, error) {
+	sess, err := session.NewSession()
+	if err != nil {
+		return nil, fmt.Errorf("failed to create new session: %w", err)
+	}
+	if region == "" {
+		region, err = ec2metadata.New(sess).Region()
+		if err != nil {
+			return nil, fmt.Errorf("failed to call the metadata server's region API, %v", err)
+		}
+	}
+	sess.Config.Region = aws.String(region)
 	cfg := &aws.Config{
 		Region:                        aws.String(region),
 		CredentialsChainVerboseErrors: aws.Bool(true),
 		Endpoint:                      aws.String(kmsEndpoint),
 	}
-
-	sess, err := session.NewSession()
-	if err != nil {
-		return nil, fmt.Errorf("failed to create new session: %v", err)
-	}
-
 	if qps > 0 {
 		var err error
 		sess.Config.HTTPClient, err = httputil.NewRateLimitedClient(