From ada1461d2f413ed4f6754aa537de39d11f7b54d1 Mon Sep 17 00:00:00 2001
From: Adrian Utrilla <adrianutrilla@gmail.com>
Date: Tue, 15 Aug 2017 11:49:14 -0700
Subject: [PATCH] Remove unused capture groups from KMS ARN parsing

---
 kms/keysource.go | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/kms/keysource.go b/kms/keysource.go
index 5ccf4dad9..a40df119a 100644
--- a/kms/keysource.go
+++ b/kms/keysource.go
@@ -140,13 +140,12 @@ func (key MasterKey) createStsSession(config aws.Config, sess *session.Session)
 }
 
 func (key MasterKey) createSession() (*session.Session, error) {
-	// possible partitions in $1: aws, aws-cn, aws-us-gov
-	re := regexp.MustCompile(`^arn:(aws[\w-]*):kms:(.+):([0-9]+):key/(.+)$`)
+	re := regexp.MustCompile(`^arn:aws[\w-]*:kms:(.+):[0-9]+:key/.+$`)
 	matches := re.FindStringSubmatch(key.Arn)
 	if matches == nil {
 		return nil, fmt.Errorf("No valid ARN found in %q", key.Arn)
 	}
-	config := aws.Config{Region: aws.String(matches[2])}
+	config := aws.Config{Region: aws.String(matches[1])}
 	opts := session.Options{
 		Config:                  config,
 		AssumeRoleTokenProvider: stscreds.StdinTokenProvider,