Issue with managing AWS S3 buckets through Proxy

We are using Terraform to manage AWS S3 buckets behind a proxy. All endpoints towards AWS are whitelisted, including S3.

Even when a whitelist is in place for the specific S3 buckets that we are managing, the AWS provider still tries to perform a ListBuckets S3 API call to retrieve all S3 buckets in the given AWS account owned by the user performing the request.
However, this request is sent to the S3 regional endpoint. We do not want to whitelist the whole of S3 for resources using the proxy, for security reasons.

Due to the nature of HTTPS, we can only control the destination host. Proxy intercept is also possible here but we’d strongly want to avoid that path.

Is there a way to prevent this behaviour? Looking for insight before I create an issue on GitHub.

So are you asking why a call to is being made? The general answer would be because the AWS SDK (which is from Amazon and just used by the Terraform provider, similar to its usage within lots of other software) decides to make that call.

It sounds like you need to include that endpoint within your whitelist.
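
The host-only constraint raised in the question, as an added example that is not part of either post and is not Terraform or AWS SDK code: a sketch of the allow/deny decision a non-intercepting proxy can make from the CONNECT target alone. Bucket-scoped requests carry the bucket name in the hostname, while the service-level endpoint that receives ListBuckets does not. The bucket names, the region and the function names are constructed for illustration, and only the common commercial-partition hostname forms are parsed.

```python
import re

# Common S3 hostname forms only (assumption of this sketch): optional
# virtual-hosted bucket label, optional "dualstack", optional region.
_REGION = r"[a-z]{2}(?:-[a-z]+)+-\d+"
_S3_HOST = re.compile(
    r"(?:(?P<bucket>[a-z0-9][a-z0-9.-]{1,61}[a-z0-9])\.)?"
    r"s3[.-](?:dualstack\.)?(?:" + _REGION + r"\.)?amazonaws\.com"
)

def classify_s3_host(host):
    """Return (kind, bucket): 'bucket', 'service' or 'not-s3'."""
    m = _S3_HOST.fullmatch(host.lower().rstrip("."))
    if m is None:
        return ("not-s3", None)
    if m.group("bucket"):
        return ("bucket", m.group("bucket"))
    # Bare endpoint: ListBuckets and path-style requests land here, and the
    # bucket (if any) is inside the encrypted request, invisible to the proxy.
    return ("service", None)

def proxy_decision(connect_target, allowed_buckets):
    """Decide on a 'host:port' CONNECT target using only what TLS leaves visible."""
    host, _, port = connect_target.rpartition(":")
    kind, bucket = classify_s3_host(host)
    if port != "443" or kind == "not-s3":
        return (False, "not an S3 HTTPS endpoint")
    if kind == "bucket":
        ok = bucket in allowed_buckets
        return (ok, "bucket on allowlist" if ok else "bucket not on allowlist")
    return (False, "service endpoint: bucket not visible in hostname")

# Constructed sample CONNECT targets (hypothetical bucket names).
SAMPLE_TARGETS = [
    "tf-managed-bucket.s3.eu-west-1.amazonaws.com:443",
    "someone-elses-bucket.s3.eu-west-1.amazonaws.com:443",
    "s3.eu-west-1.amazonaws.com:443",
    "tf-managed-bucket.s3.amazonaws.com.example.net:443",
]

if __name__ == "__main__":
    for target in SAMPLE_TARGETS:
        print(target, proxy_decision(target, {"tf-managed-bucket"}))
```

Allowing the bare regional endpoint, as the reply suggests, permits every request addressed to that host, because a host-only rule cannot tell ListBuckets apart from path-style access to any other bucket.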