JENKINS-72643: Amazon EC2 plugin can't load regions when ARN role is used

Type: Bug
Resolution: Unresolved
Priority: Critical
Component: ec2-plugin

Amazon EC2 plugin fails to populate the region drop-down; the DescribeRegions API call doesn't use the configured ARN.

Because of this issue we can't use the Jenkins Cloud GUI but rather have to make all changes to config.xml instead. Or, we have to make changes in the cloud GUI and then hand-replace the region id in config.xml

    <region>us-east-2</region>

which becomes empty with no value after saving in my current situation.

I have checked "Use EC2 instance profile to obtain credentials" in /manage/cloud/ec2-CFE-AWS-EAST2/configure; in the Advanced section I specify an "Arn Role" and "Session Name".

I can click "Test Connection" and that reports success, but the region drop-down is always empty. If I enable System Log with `com.amazonaws` and `ALL` I can see the failing Describe-Regions call, which is NOT using the "Arn Role" I specified but defaulting to the ARN based on the machine I am hosting Jenkins on.

I have a .aws/config file with the desired ARN in both a `[default]` and `[profile jenkins]` section (same info in both).

If I set "Session Name" to anything, it fails. If I set it to empty, the "Test Connection" stops working.

From JENKINS-11953 I see a commit that seems to do the work of getting the regions and calling the Describe-Regions API.

https://github.com/jenkinsci/ec2-plugin/compare/19c419b...f0e542f

But that code seems to skip trying to get regions if no credentials are provided, such as in my case using an Arn Role.

It would seem that the code in question for my issue is here? https://github.com/jenkinsci/ec2-plugin/blob/master/src/main/java/hudson/plugins/ec2/AmazonEC2Cloud.java#L185

Looking at JENKINS-61165 I tried an alternate endpoint according to naming conventions in the docs, https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Using_Endpoints.html.

This did not seem to improve the situation. I still get a similar failure like

Feb 01, 2024 10:05:53 PM FINE com.amazonaws.http.AmazonHttpClient$RequestExecutor handleErrorResponse
Received error response: com.amazonaws.services.ec2.model.AmazonEC2Exception: You are not authorized to perform this operation. User: arn:aws:sts:(12-digit-number):assumed-role/(the-wrong-role-name)/(a-number-starting-with-i-) is not authorized to perform: ec2:DescribeRegions because no identity-based policy allows the ec2:DescribeRegions action (Service: AmazonEC2; Status Code: 403; Error Code: UnauthorizedOperation; Request ID: (a-request-id); Proxy: null)

where the ARN is the default one based on my host and not the ARN role I have set in the cloud config or in $HOME/.aws/config for the jenkins user that starts the server.

Assignee/Reporter: craigcomstock (Craig)
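One way to confirm which identity a DescribeRegions call actually runs as, added here as an example and not code from the ec2-plugin: it chains instance-profile credentials into an AssumeRole provider (what the "Use EC2 instance profile" plus "Arn Role" settings describe), checks the caller ARN with STS GetCallerIdentity, and only then lists regions. It assumes the AWS SDK for Java v1 (the com.amazonaws package seen in the log) and uses placeholder values for the role ARN, session name and region.

```java
// Added diagnostic example, not ec2-plugin code. Requires AWS SDK for Java v1.
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.InstanceProfileCredentialsProvider;
import com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider;
import com.amazonaws.services.ec2.AmazonEC2;
import com.amazonaws.services.ec2.AmazonEC2ClientBuilder;
import com.amazonaws.services.ec2.model.Region;
import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder;
import com.amazonaws.services.securitytoken.model.GetCallerIdentityRequest;
import java.util.List;
import java.util.stream.Collectors;

public class RegionsAsRole {
    // Placeholders; in the plugin these come from the cloud config's "Arn Role" / "Session Name".
    static final String ROLE_ARN = "arn:aws:iam::123456789012:role/PLACEHOLDER-ROLE";
    static final String SESSION_NAME = "jenkins-ec2-plugin";
    static final String REGION = "us-east-2"; // region from the issue's config.xml

    // Instance-profile credentials are used only to call AssumeRole; every AWS call
    // made afterwards must use the credentials this provider returns.
    static AWSCredentialsProvider assumedRole(String roleArn, String sessionName) {
        AWSSecurityTokenService sts = AWSSecurityTokenServiceClientBuilder.standard()
                .withCredentials(InstanceProfileCredentialsProvider.getInstance())
                .withRegion(REGION).build();
        return new STSAssumeRoleSessionCredentialsProvider.Builder(roleArn, sessionName)
                .withStsClient(sts).build();
    }

    // An assumed-role caller ARN looks like arn:aws:sts::ACCOUNT:assumed-role/ROLE/SESSION;
    // the role name is the last path element of the IAM role ARN.
    static boolean callerMatchesRole(String callerArn, String roleArn) {
        String roleName = roleArn.substring(roleArn.lastIndexOf('/') + 1);
        return callerArn.contains(":assumed-role/" + roleName + "/");
    }

    public static void main(String[] args) {
        AWSCredentialsProvider creds = assumedRole(ROLE_ARN, SESSION_NAME);
        String caller = AWSSecurityTokenServiceClientBuilder.standard()
                .withCredentials(creds).withRegion(REGION).build()
                .getCallerIdentity(new GetCallerIdentityRequest()).getArn();
        if (!callerMatchesRole(caller, ROLE_ARN)) {
            // This is the symptom in the issue: the call would run as the host's role.
            throw new IllegalStateException("DescribeRegions would run as " + caller
                    + ", not as " + ROLE_ARN);
        }
        AmazonEC2 ec2 = AmazonEC2ClientBuilder.standard()
                .withCredentials(creds).withRegion(REGION).build();
        List<String> names = ec2.describeRegions().getRegions().stream()
                .map(Region::getRegionName).collect(Collectors.toList());
        System.out.println("Regions visible to " + caller + ": " + names);
    }
}
```

If the check throws, the 403 from ec2:DescribeRegions in the log is explained by the client being built from the instance-profile credentials rather than from the AssumeRole provider.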