6754 is looking really good. Passed the following tests:
With command line:
--s3-sts-endpoint = foo (junk endpoint test) fails correctly with an informative error
RequestError: send request failed
caused by: Post "https://foo/": dial tcp: lookup foo on 10....: no such host
With command line and --s3-sts-endpoint = actual endpoint succeeds. Works with regional private endpoint, zonal private endpoint, and explicit public endpoint
With command line and NO --s3-sts-endpoint succeeds ... expected default to public endpoint
With no command line sts but sts_endpoint in config file succeeds
A long test with sts and s3 endpoints in a config file has happily exceeded the profile's credential expiry, strongly suggesting that creds caching and renewal for long sessions is working. It'll be fully done in a few hours.
So, all in all the 6754 build looks just great. Thanks!
If all continues looking well, what's the process for release? Should I wait for something official?
I've raised the issue, and recommended that we do so. It's complicated by the fact that my client is a governmental organization. If it turns out that it's not logistically feasible I can always do so as an individual in appreciation of the countless hours you just saved me as an engineer!