Use HeadBucket instead of GetBucketLocation (#1979) #1987

Open
wants to merge 1 commit into
base: main
raulpedroche
SUMMARY

Replacing the call to get_bucket_location with a call to head_bucket in Connection._get_bucket_endpoint().

The GetBucketLocation API call only works from the bucket owner account. This enables using a bucket owned by another account, e.g. a shared organization bucket when running cross-account.

Fixes #1979.

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

aws_ssm

ADDITIONAL INFORMATION

The official documentation for the GetBucketLocation API call states it is only supported for backwards compatibility and recommends using HeadBucket instead.

# Before change
PLAY [Minimal playbook] ********************************************************

TASK [Gathering Facts] *********************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the GetBucketLocation operation: Access Denied
fatal: [i-00a8cb5930bd5f7dc]: FAILED! => {"msg": "Unexpected failure during module execution: An error occurred (AccessDenied) when calling the GetBucketLocation operation: Access Denied", "stdout": ""}

PLAY RECAP *********************************************************************
i-00a8cb5930bd5f7dc        : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0 

# After change
PLAY [Minimal playbook] ********************************************************

TASK [Gathering Facts] *********************************************************
Warning: : Platform linux on host i-00a8cb5930bd5f7dc is using the discovered
Python interpreter at /usr/libexec/platform-python, but future installation of
another Python interpreter could change the meaning of that path. See
https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [i-00a8cb5930bd5f7dc]

TASK [Ping] ********************************************************************
ok: [i-00a8cb5930bd5f7dc]

PLAY RECAP *********************************************************************
i-00a8cb5930bd5f7dc        : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
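
The lookup this pull request describes, as an added example that is not the collection's code: resolving a bucket's region with HeadBucket by reading the `x-amz-bucket-region` response header, including the case where the call is denied but S3 still reports the region. `bucket_region`, the stub client and the bucket names are constructed for illustration; `s3_client` is assumed to be a boto3 S3 client.

```python
REGION_HEADER = "x-amz-bucket-region"

def _region_from(response):
    headers = response.get("ResponseMetadata", {}).get("HTTPHeaders", {})
    return headers.get(REGION_HEADER)

def bucket_region(s3_client, bucket):
    """Return the region S3 reports for `bucket` via HeadBucket."""
    # Assumption: s3_client is a boto3 S3 client. Any object exposing
    # head_bucket(Bucket=...) works, which keeps this example offline.
    try:
        response = s3_client.head_bucket(Bucket=bucket)
    except Exception as exc:
        # botocore's ClientError keeps the parsed reply in .response, and S3
        # sets the region header on a denied (403) reply as well.
        response = getattr(exc, "response", None)
        if not isinstance(response, dict) or _region_from(response) is None:
            raise
    region = _region_from(response)
    if region is None:
        raise LookupError(f"S3 reported no region for bucket {bucket!r}")
    return region

def _reply(status, headers):
    return {"ResponseMetadata": {"HTTPStatusCode": status, "HTTPHeaders": headers}}

class FakeClientError(Exception):
    """Constructed stand-in for botocore.exceptions.ClientError."""
    def __init__(self, status, headers):
        super().__init__(f"HeadBucket failed with HTTP {status}")
        self.response = _reply(status, headers)

class FakeS3:
    """Constructed stub client: bucket name -> (HTTP status, headers)."""
    def __init__(self, buckets):
        self.buckets = buckets

    def head_bucket(self, Bucket):
        status, headers = self.buckets.get(Bucket, (404, {}))
        if status != 200:
            raise FakeClientError(status, headers)
        return _reply(status, headers)

# Constructed sample: one readable shared bucket, one that denies the caller.
SAMPLE = FakeS3({
    "org-shared-ssm": (200, {REGION_HEADER: "eu-central-1"}),
    "org-locked": (403, {REGION_HEADER: "us-west-2"}),
})
```

With a real client, HeadBucket is authorized through `s3:ListBucket`, so a cross-account caller needs that action granted on the shared bucket for the call to succeed outright.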

@softwarefactory-project-zuul
Contributor

Build succeeded.
https://ansible.softwarefactory-project.io/zuul/buildset/6eda50db34d649d29d271dd5432c5cd0

ansible-galaxy-importer FAILURE in 5m 27s (non-voting)
✔️ build-ansible-collection SUCCESS in 13m 02s
✔️ ansible-test-splitter SUCCESS in 5m 13s
✔️ integration-community.aws-1 SUCCESS in 9m 50s
✔️ integration-community.aws-2 SUCCESS in 12m 37s
✔️ integration-community.aws-3 SUCCESS in 6m 37s
Skipped 19 jobs

@fivetran-joliveira
When trying to use a single organization bucket for cross-account connection

I'm facing the same error reported on #1979 in this exact scenario: single bucket for cross account connection
I'd love to see this PR merged. 🤞

@mdaffernaderant
mdaffernaderant commented Feb 19, 2024

Would like to see this merged as well. Facing the exact error too.

@jacksod1
What needs to be done in order to get this PR merged? I'd love to see this merged as well.

Successfully merging this pull request may close these issues.

Unable to use aws_ssm connection with cross-account shared bucket
4 participants