basil It took me a while, but I found the issue. Our controller node is in another region than the agents we are launching. There are places in the code where we pass the default EC2 endpoint (when no override is set). This does not work without a region in a cross-region context.
I fixed it so that we get the first of: the override endpoint (if provided), the endpoint with the region (if a region has been provided), or the default region-less endpoint.
I tested a local build with my changes on our former production instance and it works. I tested the "Test Connection" and "Check AMI" buttons, the population of the regions in the dropdown, launching instances in the same account/region (instance profile), and launching instances in a different account and region (instance profile + role).
My changes are here: https://github.com/coveord/ec2-plugin/tree/fix/JENKINS-73640. Like last time, I made them on top of your branch, so they should merge without issues. Bear in mind I'm more of a Python developer, so I might have made some changes that are not idiomatic. I also left a TODO in the code (I don't know how regions work in Eucalyptus).
Happy holidays!
basil Unfortunately, that did not work. I get the same error message and I triple-checked that the correct versions were installed and that STS was not.
I think this might be a cross-account issue, because it works when using the same account the Jenkins controller is located and has an IAM role in, but not in any other account.