Support AWS gp3 volumes (#10338)
* Support AWS gp3 volumes * docs * tests
This commit is contained in:
parent
39ab646236
commit
e0e82e2192
|
@ -14,8 +14,12 @@ import (
|
|||
)
|
||||
|
||||
const (
|
||||
minIops = 100
|
||||
maxIops = 64000
|
||||
minIops = 100
|
||||
maxIops = 64000
|
||||
minIopsGp3 = 3000
|
||||
maxIopsGp3 = 16000
|
||||
minThroughput = 125
|
||||
maxThroughput = 1000
|
||||
)
|
||||
|
||||
// These will be attached when launching your instance. Your
|
||||
|
@ -78,12 +82,17 @@ type BlockDevice struct {
|
|||
NoDevice bool `mapstructure:"no_device" required:"false"`
|
||||
// The ID of the snapshot.
|
||||
SnapshotId string `mapstructure:"snapshot_id" required:"false"`
|
||||
// The throughput for gp3 volumes, only valid for gp3 types
|
||||
// See the documentation on
|
||||
// [Throughput](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html)
|
||||
// for more information
|
||||
Throughput int64 `mapstructure:"throughput" required:"false"`
|
||||
// The virtual device name. See the documentation on Block Device Mapping
|
||||
// for more information.
|
||||
VirtualName string `mapstructure:"virtual_name" required:"false"`
|
||||
// The volume type. gp2 for General Purpose (SSD) volumes, io1 for
|
||||
// Provisioned IOPS (SSD) volumes, st1 for Throughput Optimized HDD, sc1
|
||||
// for Cold HDD, and standard for Magnetic volumes.
|
||||
// The volume type. gp2 & gp3 for General Purpose (SSD) volumes, io1 & io2
|
||||
// for Provisioned IOPS (SSD) volumes, st1 for Throughput Optimized HDD,
|
||||
// sc1 for Cold HDD, and standard for Magnetic volumes.
|
||||
VolumeType string `mapstructure:"volume_type" required:"false"`
|
||||
// The size of the volume, in GiB. Required if not specifying a
|
||||
// snapshot_id.
|
||||
|
@ -139,11 +148,16 @@ func (blockDevice BlockDevice) BuildEC2BlockDeviceMapping() *ec2.BlockDeviceMapp
|
|||
ebsBlockDevice.VolumeSize = aws.Int64(blockDevice.VolumeSize)
|
||||
}
|
||||
|
||||
// IOPS is only valid for io1 and io2 types
|
||||
if blockDevice.VolumeType == "io1" || blockDevice.VolumeType == "io2" {
|
||||
switch blockDevice.VolumeType {
|
||||
case "io1", "io2", "gp3":
|
||||
ebsBlockDevice.Iops = aws.Int64(blockDevice.IOPS)
|
||||
}
|
||||
|
||||
// Throughput is only valid for gp3 types
|
||||
if blockDevice.VolumeType == "gp3" {
|
||||
ebsBlockDevice.Throughput = aws.Int64(blockDevice.Throughput)
|
||||
}
|
||||
|
||||
// You cannot specify Encrypted if you specify a Snapshot ID
|
||||
if blockDevice.SnapshotId != "" {
|
||||
ebsBlockDevice.SnapshotId = aws.String(blockDevice.SnapshotId)
|
||||
|
@ -188,6 +202,21 @@ func (b *BlockDevice) Prepare(ctx *interpolate.Context) error {
|
|||
}
|
||||
}
|
||||
|
||||
if b.VolumeType == "gp3" {
|
||||
if b.Throughput < minThroughput || b.Throughput > maxThroughput {
|
||||
return fmt.Errorf("Throughput must be between %d and %d for device %s",
|
||||
minThroughput, maxThroughput, b.DeviceName)
|
||||
}
|
||||
|
||||
if b.IOPS < minIopsGp3 || b.IOPS > maxIopsGp3 {
|
||||
return fmt.Errorf("IOPS must be between %d and %d for device %s",
|
||||
minIopsGp3, maxIopsGp3, b.DeviceName)
|
||||
}
|
||||
} else if b.Throughput > 0 {
|
||||
return fmt.Errorf("Throughput is not available for device %s",
|
||||
b.DeviceName)
|
||||
}
|
||||
|
||||
_, err := interpolate.RenderInterface(&b, ctx)
|
||||
return err
|
||||
}
|
||||
|
|
|
@ -15,6 +15,7 @@ type FlatBlockDevice struct {
|
|||
IOPS *int64 `mapstructure:"iops" required:"false" cty:"iops" hcl:"iops"`
|
||||
NoDevice *bool `mapstructure:"no_device" required:"false" cty:"no_device" hcl:"no_device"`
|
||||
SnapshotId *string `mapstructure:"snapshot_id" required:"false" cty:"snapshot_id" hcl:"snapshot_id"`
|
||||
Throughput *int64 `mapstructure:"throughput" required:"false" cty:"throughput" hcl:"throughput"`
|
||||
VirtualName *string `mapstructure:"virtual_name" required:"false" cty:"virtual_name" hcl:"virtual_name"`
|
||||
VolumeType *string `mapstructure:"volume_type" required:"false" cty:"volume_type" hcl:"volume_type"`
|
||||
VolumeSize *int64 `mapstructure:"volume_size" required:"false" cty:"volume_size" hcl:"volume_size"`
|
||||
|
@ -39,6 +40,7 @@ func (*FlatBlockDevice) HCL2Spec() map[string]hcldec.Spec {
|
|||
"iops": &hcldec.AttrSpec{Name: "iops", Type: cty.Number, Required: false},
|
||||
"no_device": &hcldec.AttrSpec{Name: "no_device", Type: cty.Bool, Required: false},
|
||||
"snapshot_id": &hcldec.AttrSpec{Name: "snapshot_id", Type: cty.String, Required: false},
|
||||
"throughput": &hcldec.AttrSpec{Name: "throughput", Type: cty.Number, Required: false},
|
||||
"virtual_name": &hcldec.AttrSpec{Name: "virtual_name", Type: cty.String, Required: false},
|
||||
"volume_type": &hcldec.AttrSpec{Name: "volume_type", Type: cty.String, Required: false},
|
||||
"volume_size": &hcldec.AttrSpec{Name: "volume_size", Type: cty.Number, Required: false},
|
||||
|
|
|
@ -163,6 +163,29 @@ func TestBlockDevice(t *testing.T) {
|
|||
NoDevice: aws.String(""),
|
||||
},
|
||||
},
|
||||
{
|
||||
Config: &BlockDevice{
|
||||
DeviceName: "/dev/sdb",
|
||||
VolumeType: "gp3",
|
||||
VolumeSize: 8,
|
||||
Throughput: 125,
|
||||
IOPS: 3000,
|
||||
DeleteOnTermination: true,
|
||||
Encrypted: config.TriTrue,
|
||||
},
|
||||
|
||||
Result: &ec2.BlockDeviceMapping{
|
||||
DeviceName: aws.String("/dev/sdb"),
|
||||
Ebs: &ec2.EbsBlockDevice{
|
||||
VolumeType: aws.String("gp3"),
|
||||
VolumeSize: aws.Int64(8),
|
||||
Throughput: aws.Int64(125),
|
||||
Iops: aws.Int64(3000),
|
||||
DeleteOnTermination: aws.Bool(true),
|
||||
Encrypted: aws.Bool(true),
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
for _, tc := range cases {
|
||||
|
@ -270,6 +293,95 @@ func TestIOPSValidation(t *testing.T) {
|
|||
ok: false,
|
||||
msg: "IOPS must be between 100 and 64000 for device /dev/sdb",
|
||||
},
|
||||
// exceed max iops
|
||||
{
|
||||
device: BlockDevice{
|
||||
DeviceName: "/dev/sdb",
|
||||
VolumeType: "gp3",
|
||||
VolumeSize: 50,
|
||||
Throughput: 125,
|
||||
IOPS: 99999,
|
||||
},
|
||||
ok: false,
|
||||
msg: "IOPS must be between 3000 and 16000 for device /dev/sdb",
|
||||
},
|
||||
// lower than min iops
|
||||
{
|
||||
device: BlockDevice{
|
||||
DeviceName: "/dev/sdb",
|
||||
VolumeType: "gp3",
|
||||
VolumeSize: 50,
|
||||
Throughput: 125,
|
||||
IOPS: 10,
|
||||
},
|
||||
ok: false,
|
||||
msg: "IOPS must be between 3000 and 16000 for device /dev/sdb",
|
||||
},
|
||||
}
|
||||
|
||||
ctx := interpolate.Context{}
|
||||
for _, testCase := range cases {
|
||||
err := testCase.device.Prepare(&ctx)
|
||||
if testCase.ok && err != nil {
|
||||
t.Fatalf("should not error, but: %v", err)
|
||||
}
|
||||
if !testCase.ok {
|
||||
if err == nil {
|
||||
t.Fatalf("should error")
|
||||
} else if err.Error() != testCase.msg {
|
||||
t.Fatalf("wrong error: expected %s, found: %v", testCase.msg, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestThroughputValidation(t *testing.T) {
|
||||
|
||||
cases := []struct {
|
||||
device BlockDevice
|
||||
ok bool
|
||||
msg string
|
||||
}{
|
||||
{
|
||||
device: BlockDevice{
|
||||
DeviceName: "/dev/sdb",
|
||||
VolumeType: "gp3",
|
||||
Throughput: 125,
|
||||
IOPS: 3000,
|
||||
},
|
||||
ok: true,
|
||||
},
|
||||
{
|
||||
device: BlockDevice{
|
||||
DeviceName: "/dev/sdb",
|
||||
VolumeType: "gp3",
|
||||
Throughput: 1000,
|
||||
IOPS: 3000,
|
||||
},
|
||||
ok: true,
|
||||
},
|
||||
// exceed max Throughput
|
||||
{
|
||||
device: BlockDevice{
|
||||
DeviceName: "/dev/sdb",
|
||||
VolumeType: "gp3",
|
||||
Throughput: 1001,
|
||||
IOPS: 3000,
|
||||
},
|
||||
ok: false,
|
||||
msg: "Throughput must be between 125 and 1000 for device /dev/sdb",
|
||||
},
|
||||
// lower than min Throughput
|
||||
{
|
||||
device: BlockDevice{
|
||||
DeviceName: "/dev/sdb",
|
||||
VolumeType: "gp3",
|
||||
Throughput: 124,
|
||||
IOPS: 3000,
|
||||
},
|
||||
ok: false,
|
||||
msg: "Throughput must be between 125 and 1000 for device /dev/sdb",
|
||||
},
|
||||
}
|
||||
|
||||
ctx := interpolate.Context{}
|
||||
|
|
|
@ -17,6 +17,7 @@ type FlatBlockDevice struct {
|
|||
IOPS *int64 `mapstructure:"iops" required:"false" cty:"iops" hcl:"iops"`
|
||||
NoDevice *bool `mapstructure:"no_device" required:"false" cty:"no_device" hcl:"no_device"`
|
||||
SnapshotId *string `mapstructure:"snapshot_id" required:"false" cty:"snapshot_id" hcl:"snapshot_id"`
|
||||
Throughput *int64 `mapstructure:"throughput" required:"false" cty:"throughput" hcl:"throughput"`
|
||||
VirtualName *string `mapstructure:"virtual_name" required:"false" cty:"virtual_name" hcl:"virtual_name"`
|
||||
VolumeType *string `mapstructure:"volume_type" required:"false" cty:"volume_type" hcl:"volume_type"`
|
||||
VolumeSize *int64 `mapstructure:"volume_size" required:"false" cty:"volume_size" hcl:"volume_size"`
|
||||
|
@ -42,6 +43,7 @@ func (*FlatBlockDevice) HCL2Spec() map[string]hcldec.Spec {
|
|||
"iops": &hcldec.AttrSpec{Name: "iops", Type: cty.Number, Required: false},
|
||||
"no_device": &hcldec.AttrSpec{Name: "no_device", Type: cty.Bool, Required: false},
|
||||
"snapshot_id": &hcldec.AttrSpec{Name: "snapshot_id", Type: cty.String, Required: false},
|
||||
"throughput": &hcldec.AttrSpec{Name: "throughput", Type: cty.Number, Required: false},
|
||||
"virtual_name": &hcldec.AttrSpec{Name: "virtual_name", Type: cty.String, Required: false},
|
||||
"volume_type": &hcldec.AttrSpec{Name: "volume_type", Type: cty.String, Required: false},
|
||||
"volume_size": &hcldec.AttrSpec{Name: "volume_size", Type: cty.Number, Required: false},
|
||||
|
|
|
@ -17,6 +17,7 @@ type FlatBlockDevice struct {
|
|||
IOPS *int64 `mapstructure:"iops" required:"false" cty:"iops" hcl:"iops"`
|
||||
NoDevice *bool `mapstructure:"no_device" required:"false" cty:"no_device" hcl:"no_device"`
|
||||
SnapshotId *string `mapstructure:"snapshot_id" required:"false" cty:"snapshot_id" hcl:"snapshot_id"`
|
||||
Throughput *int64 `mapstructure:"throughput" required:"false" cty:"throughput" hcl:"throughput"`
|
||||
VirtualName *string `mapstructure:"virtual_name" required:"false" cty:"virtual_name" hcl:"virtual_name"`
|
||||
VolumeType *string `mapstructure:"volume_type" required:"false" cty:"volume_type" hcl:"volume_type"`
|
||||
VolumeSize *int64 `mapstructure:"volume_size" required:"false" cty:"volume_size" hcl:"volume_size"`
|
||||
|
@ -43,6 +44,7 @@ func (*FlatBlockDevice) HCL2Spec() map[string]hcldec.Spec {
|
|||
"iops": &hcldec.AttrSpec{Name: "iops", Type: cty.Number, Required: false},
|
||||
"no_device": &hcldec.AttrSpec{Name: "no_device", Type: cty.Bool, Required: false},
|
||||
"snapshot_id": &hcldec.AttrSpec{Name: "snapshot_id", Type: cty.String, Required: false},
|
||||
"throughput": &hcldec.AttrSpec{Name: "throughput", Type: cty.Number, Required: false},
|
||||
"virtual_name": &hcldec.AttrSpec{Name: "virtual_name", Type: cty.String, Required: false},
|
||||
"volume_type": &hcldec.AttrSpec{Name: "volume_type", Type: cty.String, Required: false},
|
||||
"volume_size": &hcldec.AttrSpec{Name: "volume_size", Type: cty.Number, Required: false},
|
||||
|
|
4
go.mod
4
go.mod
|
@ -24,7 +24,7 @@ require (
|
|||
github.com/antihax/optional v1.0.0
|
||||
github.com/approvals/go-approval-tests v0.0.0-20160714161514-ad96e53bea43
|
||||
github.com/armon/go-metrics v0.0.0-20190430140413-ec5e00d3c878 // indirect
|
||||
github.com/aws/aws-sdk-go v1.34.26
|
||||
github.com/aws/aws-sdk-go v1.36.0
|
||||
github.com/biogo/hts v0.0.0-20160420073057-50da7d4131a3
|
||||
github.com/c2h5oh/datasize v0.0.0-20200112174442-28bbd4740fee
|
||||
github.com/cheggaaa/pb v1.0.27
|
||||
|
@ -134,7 +134,7 @@ require (
|
|||
github.com/zclconf/go-cty-yaml v1.0.1
|
||||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
|
||||
golang.org/x/mobile v0.0.0-20191130191448-5c0e7e404af8
|
||||
golang.org/x/net v0.0.0-20201021035429-f5854403a974
|
||||
golang.org/x/net v0.0.0-20201110031124-69a78807bb2b
|
||||
golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43
|
||||
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9
|
||||
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f
|
||||
|
|
7
go.sum
7
go.sum
|
@ -132,6 +132,8 @@ github.com/aws/aws-sdk-go v1.30.8/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU
|
|||
github.com/aws/aws-sdk-go v1.31.9/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
|
||||
github.com/aws/aws-sdk-go v1.34.26 h1:tw4nsSfGvCDnXt2xPe8NkxIrDui+asAWinMknPLEf80=
|
||||
github.com/aws/aws-sdk-go v1.34.26/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
|
||||
github.com/aws/aws-sdk-go v1.36.0 h1:CscTrS+szX5iu34zk2bZrChnGO/GMtUYgMK1Xzs2hYo=
|
||||
github.com/aws/aws-sdk-go v1.36.0/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
|
||||
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 h1:xJ4a3vCFaGF/jqvzLMYoU8P317H5OQ+Via4RmuPwCS0=
|
||||
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
|
||||
github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas=
|
||||
|
@ -425,6 +427,9 @@ github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af h1:pmfjZENx5i
|
|||
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
|
||||
github.com/jmespath/go-jmespath v0.3.0 h1:OS12ieG61fsCg5+qLJ+SsW9NicxNkg3b25OyT2yCeUc=
|
||||
github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik=
|
||||
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
|
||||
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
|
||||
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
|
||||
github.com/joyent/triton-go v0.0.0-20180628001255-830d2b111e62 h1:JHCT6xuyPUrbbgAPE/3dqlvUKzRHMNuTBKKUb6OeR/k=
|
||||
github.com/joyent/triton-go v0.0.0-20180628001255-830d2b111e62/go.mod h1:U+RSyWxWd04xTqnuOQxnai7XGS2PrPY2cfGoDKtMHjA=
|
||||
github.com/json-iterator/go v1.1.6 h1:MrUvLMLTMxbqFJ9kzlvat/rYZqZnW3u4wkLzWTaFwKs=
|
||||
|
@ -758,6 +763,8 @@ golang.org/x/net v0.0.0-20200904194848-62affa334b73 h1:MXfv8rhZWmFeqX3GNZRsd6vOL
|
|||
golang.org/x/net v0.0.0-20200904194848-62affa334b73/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
|
||||
golang.org/x/net v0.0.0-20201021035429-f5854403a974 h1:IX6qOQeG5uLjB/hjjwjedwfjND0hgjPMMyO1RoIXQNI=
|
||||
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
|
||||
golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME=
|
||||
golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
|
||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
|
|
|
@ -50,7 +50,7 @@ package credentials
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"sync/atomic"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
|
@ -173,7 +173,9 @@ type Expiry struct {
|
|||
// the expiration time given to ensure no requests are made with expired
|
||||
// tokens.
|
||||
func (e *Expiry) SetExpiration(expiration time.Time, window time.Duration) {
|
||||
e.expiration = expiration
|
||||
// Passed in expirations should have the monotonic clock values stripped.
|
||||
// This ensures time comparisons will be based on wall-time.
|
||||
e.expiration = expiration.Round(0)
|
||||
if window > 0 {
|
||||
e.expiration = e.expiration.Add(-window)
|
||||
}
|
||||
|
@ -205,9 +207,10 @@ func (e *Expiry) ExpiresAt() time.Time {
|
|||
// first instance of the credentials Value. All calls to Get() after that
|
||||
// will return the cached credentials Value until IsExpired() returns true.
|
||||
type Credentials struct {
|
||||
creds atomic.Value
|
||||
sf singleflight.Group
|
||||
sf singleflight.Group
|
||||
|
||||
m sync.RWMutex
|
||||
creds Value
|
||||
provider Provider
|
||||
}
|
||||
|
||||
|
@ -216,7 +219,6 @@ func NewCredentials(provider Provider) *Credentials {
|
|||
c := &Credentials{
|
||||
provider: provider,
|
||||
}
|
||||
c.creds.Store(Value{})
|
||||
return c
|
||||
}
|
||||
|
||||
|
@ -233,8 +235,17 @@ func NewCredentials(provider Provider) *Credentials {
|
|||
//
|
||||
// Passed in Context is equivalent to aws.Context, and context.Context.
|
||||
func (c *Credentials) GetWithContext(ctx Context) (Value, error) {
|
||||
if curCreds := c.creds.Load(); !c.isExpired(curCreds) {
|
||||
return curCreds.(Value), nil
|
||||
// Check if credentials are cached, and not expired.
|
||||
select {
|
||||
case curCreds, ok := <-c.asyncIsExpired():
|
||||
// ok will only be true, of the credentials were not expired. ok will
|
||||
// be false and have no value if the credentials are expired.
|
||||
if ok {
|
||||
return curCreds, nil
|
||||
}
|
||||
case <-ctx.Done():
|
||||
return Value{}, awserr.New("RequestCanceled",
|
||||
"request context canceled", ctx.Err())
|
||||
}
|
||||
|
||||
// Cannot pass context down to the actual retrieve, because the first
|
||||
|
@ -252,18 +263,23 @@ func (c *Credentials) GetWithContext(ctx Context) (Value, error) {
|
|||
}
|
||||
}
|
||||
|
||||
func (c *Credentials) singleRetrieve(ctx Context) (creds interface{}, err error) {
|
||||
if curCreds := c.creds.Load(); !c.isExpired(curCreds) {
|
||||
return curCreds.(Value), nil
|
||||
func (c *Credentials) singleRetrieve(ctx Context) (interface{}, error) {
|
||||
c.m.Lock()
|
||||
defer c.m.Unlock()
|
||||
|
||||
if curCreds := c.creds; !c.isExpiredLocked(curCreds) {
|
||||
return curCreds, nil
|
||||
}
|
||||
|
||||
var creds Value
|
||||
var err error
|
||||
if p, ok := c.provider.(ProviderWithContext); ok {
|
||||
creds, err = p.RetrieveWithContext(ctx)
|
||||
} else {
|
||||
creds, err = c.provider.Retrieve()
|
||||
}
|
||||
if err == nil {
|
||||
c.creds.Store(creds)
|
||||
c.creds = creds
|
||||
}
|
||||
|
||||
return creds, err
|
||||
|
@ -288,7 +304,10 @@ func (c *Credentials) Get() (Value, error) {
|
|||
// This will override the Provider's expired state, and force Credentials
|
||||
// to call the Provider's Retrieve().
|
||||
func (c *Credentials) Expire() {
|
||||
c.creds.Store(Value{})
|
||||
c.m.Lock()
|
||||
defer c.m.Unlock()
|
||||
|
||||
c.creds = Value{}
|
||||
}
|
||||
|
||||
// IsExpired returns if the credentials are no longer valid, and need
|
||||
|
@ -297,11 +316,32 @@ func (c *Credentials) Expire() {
|
|||
// If the Credentials were forced to be expired with Expire() this will
|
||||
// reflect that override.
|
||||
func (c *Credentials) IsExpired() bool {
|
||||
return c.isExpired(c.creds.Load())
|
||||
c.m.RLock()
|
||||
defer c.m.RUnlock()
|
||||
|
||||
return c.isExpiredLocked(c.creds)
|
||||
}
|
||||
|
||||
// isExpired helper method wrapping the definition of expired credentials.
|
||||
func (c *Credentials) isExpired(creds interface{}) bool {
|
||||
// asyncIsExpired returns a channel of credentials Value. If the channel is
|
||||
// closed the credentials are expired and credentials value are not empty.
|
||||
func (c *Credentials) asyncIsExpired() <-chan Value {
|
||||
ch := make(chan Value, 1)
|
||||
go func() {
|
||||
c.m.RLock()
|
||||
defer c.m.RUnlock()
|
||||
|
||||
if curCreds := c.creds; !c.isExpiredLocked(curCreds) {
|
||||
ch <- curCreds
|
||||
}
|
||||
|
||||
close(ch)
|
||||
}()
|
||||
|
||||
return ch
|
||||
}
|
||||
|
||||
// isExpiredLocked helper method wrapping the definition of expired credentials.
|
||||
func (c *Credentials) isExpiredLocked(creds interface{}) bool {
|
||||
return creds == nil || creds.(Value) == Value{} || c.provider.IsExpired()
|
||||
}
|
||||
|
||||
|
@ -309,13 +349,17 @@ func (c *Credentials) isExpired(creds interface{}) bool {
|
|||
// the underlying Provider, if it supports that interface. Otherwise, it returns
|
||||
// an error.
|
||||
func (c *Credentials) ExpiresAt() (time.Time, error) {
|
||||
c.m.RLock()
|
||||
defer c.m.RUnlock()
|
||||
|
||||
expirer, ok := c.provider.(Expirer)
|
||||
if !ok {
|
||||
return time.Time{}, awserr.New("ProviderNotExpirer",
|
||||
fmt.Sprintf("provider %s does not support ExpiresAt()", c.creds.Load().(Value).ProviderName),
|
||||
fmt.Sprintf("provider %s does not support ExpiresAt()",
|
||||
c.creds.ProviderName),
|
||||
nil)
|
||||
}
|
||||
if c.creds.Load().(Value) == (Value{}) {
|
||||
if c.creds == (Value{}) {
|
||||
// set expiration time to the distant past
|
||||
return time.Time{}, nil
|
||||
}
|
||||
|
|
|
@ -87,6 +87,7 @@ func (t *tokenProvider) enableTokenProviderHandler(r *request.Request) {
|
|||
// If the error code status is 401, we enable the token provider
|
||||
if e, ok := r.Error.(awserr.RequestFailure); ok && e != nil &&
|
||||
e.StatusCode() == http.StatusUnauthorized {
|
||||
t.token.Store(ec2Token{})
|
||||
atomic.StoreUint32(&t.disabled, 0)
|
||||
}
|
||||
}
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -5,4 +5,4 @@ package aws
|
|||
const SDKName = "aws-sdk-go"
|
||||
|
||||
// SDKVersion is the version of this SDK
|
||||
const SDKVersion = "1.34.26"
|
||||
const SDKVersion = "1.36.0"
|
||||
|
|
|
@ -63,9 +63,10 @@ var parseTable = map[ASTKind]map[TokenType]int{
|
|||
TokenNone: MarkCompleteState,
|
||||
},
|
||||
ASTKindEqualExpr: map[TokenType]int{
|
||||
TokenLit: ValueState,
|
||||
TokenWS: SkipTokenState,
|
||||
TokenNL: SkipState,
|
||||
TokenLit: ValueState,
|
||||
TokenWS: SkipTokenState,
|
||||
TokenNL: SkipState,
|
||||
TokenNone: SkipState,
|
||||
},
|
||||
ASTKindStatement: map[TokenType]int{
|
||||
TokenLit: SectionState,
|
||||
|
|
|
@ -19,23 +19,28 @@ func (a AccessPointARN) GetARN() arn.ARN {
|
|||
|
||||
// ParseAccessPointResource attempts to parse the ARN's resource as an
|
||||
// AccessPoint resource.
|
||||
//
|
||||
// Supported Access point resource format:
|
||||
// - Access point format: arn:{partition}:s3:{region}:{accountId}:accesspoint/{accesspointName}
|
||||
// - example: arn.aws.s3.us-west-2.012345678901:accesspoint/myaccesspoint
|
||||
//
|
||||
func ParseAccessPointResource(a arn.ARN, resParts []string) (AccessPointARN, error) {
|
||||
if len(a.Region) == 0 {
|
||||
return AccessPointARN{}, InvalidARNError{a, "region not set"}
|
||||
return AccessPointARN{}, InvalidARNError{ARN: a, Reason: "region not set"}
|
||||
}
|
||||
if len(a.AccountID) == 0 {
|
||||
return AccessPointARN{}, InvalidARNError{a, "account-id not set"}
|
||||
return AccessPointARN{}, InvalidARNError{ARN: a, Reason: "account-id not set"}
|
||||
}
|
||||
if len(resParts) == 0 {
|
||||
return AccessPointARN{}, InvalidARNError{a, "resource-id not set"}
|
||||
return AccessPointARN{}, InvalidARNError{ARN: a, Reason: "resource-id not set"}
|
||||
}
|
||||
if len(resParts) > 1 {
|
||||
return AccessPointARN{}, InvalidARNError{a, "sub resource not supported"}
|
||||
return AccessPointARN{}, InvalidARNError{ARN: a, Reason: "sub resource not supported"}
|
||||
}
|
||||
|
||||
resID := resParts[0]
|
||||
if len(strings.TrimSpace(resID)) == 0 {
|
||||
return AccessPointARN{}, InvalidARNError{a, "resource-id not set"}
|
||||
return AccessPointARN{}, InvalidARNError{ARN: a, Reason: "resource-id not set"}
|
||||
}
|
||||
|
||||
return AccessPointARN{
|
|
@ -1,6 +1,7 @@
|
|||
package arn
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/arn"
|
||||
|
@ -25,13 +26,14 @@ func ParseResource(s string, resParser ResourceParser) (resARN Resource, err err
|
|||
}
|
||||
|
||||
if len(a.Partition) == 0 {
|
||||
return nil, InvalidARNError{a, "partition not set"}
|
||||
return nil, InvalidARNError{ARN: a, Reason: "partition not set"}
|
||||
}
|
||||
if a.Service != "s3" {
|
||||
return nil, InvalidARNError{a, "service is not S3"}
|
||||
|
||||
if a.Service != "s3" && a.Service != "s3-outposts" {
|
||||
return nil, InvalidARNError{ARN: a, Reason: "service is not supported"}
|
||||
}
|
||||
if len(a.Resource) == 0 {
|
||||
return nil, InvalidARNError{a, "resource not set"}
|
||||
return nil, InvalidARNError{ARN: a, Reason: "resource not set"}
|
||||
}
|
||||
|
||||
return resParser(a)
|
||||
|
@ -66,6 +68,7 @@ type InvalidARNError struct {
|
|||
Reason string
|
||||
}
|
||||
|
||||
// Error returns a string denoting the occurred InvalidARNError
|
||||
func (e InvalidARNError) Error() string {
|
||||
return "invalid Amazon S3 ARN, " + e.Reason + ", " + e.ARN.String()
|
||||
return fmt.Sprintf("invalid Amazon %s ARN, %s, %s", e.ARN.Service, e.Reason, e.ARN.String())
|
||||
}
|
126
vendor/github.com/aws/aws-sdk-go/internal/s3shared/arn/outpost_arn.go
generated
vendored
Normal file
126
vendor/github.com/aws/aws-sdk-go/internal/s3shared/arn/outpost_arn.go
generated
vendored
Normal file
|
@ -0,0 +1,126 @@
|
|||
package arn
|
||||
|
||||
import (
|
||||
"strings"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/arn"
|
||||
)
|
||||
|
||||
// OutpostARN interface that should be satisfied by outpost ARNs
|
||||
type OutpostARN interface {
|
||||
Resource
|
||||
GetOutpostID() string
|
||||
}
|
||||
|
||||
// ParseOutpostARNResource will parse a provided ARNs resource using the appropriate ARN format
|
||||
// and return a specific OutpostARN type
|
||||
//
|
||||
// Currently supported outpost ARN formats:
|
||||
// * Outpost AccessPoint ARN format:
|
||||
// - ARN format: arn:{partition}:s3-outposts:{region}:{accountId}:outpost/{outpostId}/accesspoint/{accesspointName}
|
||||
// - example: arn:aws:s3-outposts:us-west-2:012345678901:outpost/op-1234567890123456/accesspoint/myaccesspoint
|
||||
//
|
||||
// * Outpost Bucket ARN format:
|
||||
// - ARN format: arn:{partition}:s3-outposts:{region}:{accountId}:outpost/{outpostId}/bucket/{bucketName}
|
||||
// - example: arn:aws:s3-outposts:us-west-2:012345678901:outpost/op-1234567890123456/bucket/mybucket
|
||||
//
|
||||
// Other outpost ARN formats may be supported and added in the future.
|
||||
//
|
||||
func ParseOutpostARNResource(a arn.ARN, resParts []string) (OutpostARN, error) {
|
||||
if len(a.Region) == 0 {
|
||||
return nil, InvalidARNError{ARN: a, Reason: "region not set"}
|
||||
}
|
||||
|
||||
if len(a.AccountID) == 0 {
|
||||
return nil, InvalidARNError{ARN: a, Reason: "account-id not set"}
|
||||
}
|
||||
|
||||
// verify if outpost id is present and valid
|
||||
if len(resParts) == 0 || len(strings.TrimSpace(resParts[0])) == 0 {
|
||||
return nil, InvalidARNError{ARN: a, Reason: "outpost resource-id not set"}
|
||||
}
|
||||
|
||||
// verify possible resource type exists
|
||||
if len(resParts) < 3 {
|
||||
return nil, InvalidARNError{
|
||||
ARN: a, Reason: "incomplete outpost resource type. Expected bucket or access-point resource to be present",
|
||||
}
|
||||
}
|
||||
|
||||
// Since we know this is a OutpostARN fetch outpostID
|
||||
outpostID := strings.TrimSpace(resParts[0])
|
||||
|
||||
switch resParts[1] {
|
||||
case "accesspoint":
|
||||
accesspointARN, err := ParseAccessPointResource(a, resParts[2:])
|
||||
if err != nil {
|
||||
return OutpostAccessPointARN{}, err
|
||||
}
|
||||
return OutpostAccessPointARN{
|
||||
AccessPointARN: accesspointARN,
|
||||
OutpostID: outpostID,
|
||||
}, nil
|
||||
|
||||
case "bucket":
|
||||
bucketName, err := parseBucketResource(a, resParts[2:])
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return OutpostBucketARN{
|
||||
ARN: a,
|
||||
BucketName: bucketName,
|
||||
OutpostID: outpostID,
|
||||
}, nil
|
||||
|
||||
default:
|
||||
return nil, InvalidARNError{ARN: a, Reason: "unknown resource set for outpost ARN"}
|
||||
}
|
||||
}
|
||||
|
||||
// OutpostAccessPointARN represents outpost access point ARN.
|
||||
type OutpostAccessPointARN struct {
|
||||
AccessPointARN
|
||||
OutpostID string
|
||||
}
|
||||
|
||||
// GetOutpostID returns the outpost id of outpost access point arn
|
||||
func (o OutpostAccessPointARN) GetOutpostID() string {
|
||||
return o.OutpostID
|
||||
}
|
||||
|
||||
// OutpostBucketARN represents the outpost bucket ARN.
|
||||
type OutpostBucketARN struct {
|
||||
arn.ARN
|
||||
BucketName string
|
||||
OutpostID string
|
||||
}
|
||||
|
||||
// GetOutpostID returns the outpost id of outpost bucket arn
|
||||
func (o OutpostBucketARN) GetOutpostID() string {
|
||||
return o.OutpostID
|
||||
}
|
||||
|
||||
// GetARN retrives the base ARN from outpost bucket ARN resource
|
||||
func (o OutpostBucketARN) GetARN() arn.ARN {
|
||||
return o.ARN
|
||||
}
|
||||
|
||||
// parseBucketResource attempts to parse the ARN's bucket resource and retrieve the
|
||||
// bucket resource id.
|
||||
//
|
||||
// parseBucketResource only parses the bucket resource id.
|
||||
//
|
||||
func parseBucketResource(a arn.ARN, resParts []string) (bucketName string, err error) {
|
||||
if len(resParts) == 0 {
|
||||
return bucketName, InvalidARNError{ARN: a, Reason: "bucket resource-id not set"}
|
||||
}
|
||||
if len(resParts) > 1 {
|
||||
return bucketName, InvalidARNError{ARN: a, Reason: "sub resource not supported"}
|
||||
}
|
||||
|
||||
bucketName = strings.TrimSpace(resParts[0])
|
||||
if len(bucketName) == 0 {
|
||||
return bucketName, InvalidARNError{ARN: a, Reason: "bucket resource-id not set"}
|
||||
}
|
||||
return bucketName, err
|
||||
}
|
189
vendor/github.com/aws/aws-sdk-go/internal/s3shared/endpoint_errors.go
generated
vendored
Normal file
189
vendor/github.com/aws/aws-sdk-go/internal/s3shared/endpoint_errors.go
generated
vendored
Normal file
|
@ -0,0 +1,189 @@
|
|||
package s3shared
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/internal/s3shared/arn"
|
||||
)
|
||||
|
||||
const (
|
||||
invalidARNErrorErrCode = "InvalidARNError"
|
||||
configurationErrorErrCode = "ConfigurationError"
|
||||
)
|
||||
|
||||
// InvalidARNError denotes the error for Invalid ARN
|
||||
type InvalidARNError struct {
|
||||
message string
|
||||
resource arn.Resource
|
||||
origErr error
|
||||
}
|
||||
|
||||
// Error returns the InvalidARNError
|
||||
func (e InvalidARNError) Error() string {
|
||||
var extra string
|
||||
if e.resource != nil {
|
||||
extra = "ARN: " + e.resource.String()
|
||||
}
|
||||
return awserr.SprintError(e.Code(), e.Message(), extra, e.origErr)
|
||||
}
|
||||
|
||||
// Code returns the invalid ARN error code
|
||||
func (e InvalidARNError) Code() string {
|
||||
return invalidARNErrorErrCode
|
||||
}
|
||||
|
||||
// Message returns the message for Invalid ARN error
|
||||
func (e InvalidARNError) Message() string {
|
||||
return e.message
|
||||
}
|
||||
|
||||
// OrigErr is the original error wrapped by Invalid ARN Error
|
||||
func (e InvalidARNError) OrigErr() error {
|
||||
return e.origErr
|
||||
}
|
||||
|
||||
// NewInvalidARNError denotes invalid arn error
|
||||
func NewInvalidARNError(resource arn.Resource, err error) InvalidARNError {
|
||||
return InvalidARNError{
|
||||
message: "invalid ARN",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
}
|
||||
}
|
||||
|
||||
// NewInvalidARNWithCustomEndpointError ARN not supported for custom clients endpoints
|
||||
func NewInvalidARNWithCustomEndpointError(resource arn.Resource, err error) InvalidARNError {
|
||||
return InvalidARNError{
|
||||
message: "resource ARN not supported with custom client endpoints",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
}
|
||||
}
|
||||
|
||||
// NewInvalidARNWithUnsupportedPartitionError ARN not supported for the target partition
|
||||
func NewInvalidARNWithUnsupportedPartitionError(resource arn.Resource, err error) InvalidARNError {
|
||||
return InvalidARNError{
|
||||
message: "resource ARN not supported for the target ARN partition",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
}
|
||||
}
|
||||
|
||||
// NewInvalidARNWithFIPSError ARN not supported for FIPS region
|
||||
func NewInvalidARNWithFIPSError(resource arn.Resource, err error) InvalidARNError {
|
||||
return InvalidARNError{
|
||||
message: "resource ARN not supported for FIPS region",
|
||||
resource: resource,
|
||||
origErr: err,
|
||||
}
|
||||
}
|
||||
|
||||
// ConfigurationError is used to denote a client configuration error
|
||||
type ConfigurationError struct {
|
||||
message string
|
||||
resource arn.Resource
|
||||
clientPartitionID string
|
||||
clientRegion string
|
||||
origErr error
|
||||
}
|
||||
|
||||
// Error returns the Configuration error string
|
||||
func (e ConfigurationError) Error() string {
|
||||
extra := fmt.Sprintf("ARN: %s, client partition: %s, client region: %s",
|
||||
e.resource, e.clientPartitionID, e.clientRegion)
|
||||
|
||||
return awserr.SprintError(e.Code(), e.Message(), extra, e.origErr)
|
||||
}
|
||||
|
||||
// Code returns configuration error's error-code
|
||||
func (e ConfigurationError) Code() string {
|
||||
return configurationErrorErrCode
|
||||
}
|
||||
|
||||
// Message returns the configuration error message
|
||||
func (e ConfigurationError) Message() string {
|
||||
return e.message
|
||||
}
|
||||
|
||||
// OrigErr is the original error wrapped by Configuration Error
|
||||
func (e ConfigurationError) OrigErr() error {
|
||||
return e.origErr
|
||||
}
|
||||
|
||||
// NewClientPartitionMismatchError stub
|
||||
func NewClientPartitionMismatchError(resource arn.Resource, clientPartitionID, clientRegion string, err error) ConfigurationError {
|
||||
return ConfigurationError{
|
||||
message: "client partition does not match provided ARN partition",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
||||
|
||||
// NewClientRegionMismatchError denotes cross region access error
|
||||
func NewClientRegionMismatchError(resource arn.Resource, clientPartitionID, clientRegion string, err error) ConfigurationError {
|
||||
return ConfigurationError{
|
||||
message: "client region does not match provided ARN region",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
||||
|
||||
// NewFailedToResolveEndpointError denotes endpoint resolving error
|
||||
func NewFailedToResolveEndpointError(resource arn.Resource, clientPartitionID, clientRegion string, err error) ConfigurationError {
|
||||
return ConfigurationError{
|
||||
message: "endpoint resolver failed to find an endpoint for the provided ARN region",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
||||
|
||||
// NewClientConfiguredForFIPSError denotes client config error for unsupported cross region FIPS access
|
||||
func NewClientConfiguredForFIPSError(resource arn.Resource, clientPartitionID, clientRegion string, err error) ConfigurationError {
|
||||
return ConfigurationError{
|
||||
message: "client configured for fips but cross-region resource ARN provided",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
||||
|
||||
// NewClientConfiguredForAccelerateError denotes client config error for unsupported S3 accelerate
|
||||
func NewClientConfiguredForAccelerateError(resource arn.Resource, clientPartitionID, clientRegion string, err error) ConfigurationError {
|
||||
return ConfigurationError{
|
||||
message: "client configured for S3 Accelerate but is not supported with resource ARN",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
||||
|
||||
// NewClientConfiguredForCrossRegionFIPSError denotes client config error for unsupported cross region FIPS request
|
||||
func NewClientConfiguredForCrossRegionFIPSError(resource arn.Resource, clientPartitionID, clientRegion string, err error) ConfigurationError {
|
||||
return ConfigurationError{
|
||||
message: "client configured for FIPS with cross-region enabled but is supported with cross-region resource ARN",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
||||
|
||||
// NewClientConfiguredForDualStackError denotes client config error for unsupported S3 Dual-stack
|
||||
func NewClientConfiguredForDualStackError(resource arn.Resource, clientPartitionID, clientRegion string, err error) ConfigurationError {
|
||||
return ConfigurationError{
|
||||
message: "client configured for S3 Dual-stack but is not supported with resource ARN",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
62
vendor/github.com/aws/aws-sdk-go/internal/s3shared/resource_request.go
generated
vendored
Normal file
62
vendor/github.com/aws/aws-sdk-go/internal/s3shared/resource_request.go
generated
vendored
Normal file
|
@ -0,0 +1,62 @@
|
|||
package s3shared
|
||||
|
||||
import (
|
||||
"strings"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
awsarn "github.com/aws/aws-sdk-go/aws/arn"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/internal/s3shared/arn"
|
||||
)
|
||||
|
||||
// ResourceRequest represents the request and arn resource
|
||||
type ResourceRequest struct {
|
||||
Resource arn.Resource
|
||||
Request *request.Request
|
||||
}
|
||||
|
||||
// ARN returns the resource ARN
|
||||
func (r ResourceRequest) ARN() awsarn.ARN {
|
||||
return r.Resource.GetARN()
|
||||
}
|
||||
|
||||
// AllowCrossRegion returns a bool value to denote if S3UseARNRegion flag is set
|
||||
func (r ResourceRequest) AllowCrossRegion() bool {
|
||||
return aws.BoolValue(r.Request.Config.S3UseARNRegion)
|
||||
}
|
||||
|
||||
// UseFIPS returns true if request config region is FIPS
|
||||
func (r ResourceRequest) UseFIPS() bool {
|
||||
return IsFIPS(aws.StringValue(r.Request.Config.Region))
|
||||
}
|
||||
|
||||
// ResourceConfiguredForFIPS returns true if resource ARNs region is FIPS
|
||||
func (r ResourceRequest) ResourceConfiguredForFIPS() bool {
|
||||
return IsFIPS(r.ARN().Region)
|
||||
}
|
||||
|
||||
// IsCrossPartition returns true if client is configured for another partition, than
|
||||
// the partition that resource ARN region resolves to.
|
||||
func (r ResourceRequest) IsCrossPartition() bool {
|
||||
return r.Request.ClientInfo.PartitionID != r.Resource.GetARN().Partition
|
||||
}
|
||||
|
||||
// IsCrossRegion returns true if ARN region is different than client configured region
|
||||
func (r ResourceRequest) IsCrossRegion() bool {
|
||||
return IsCrossRegion(r.Request, r.Resource.GetARN().Region)
|
||||
}
|
||||
|
||||
// HasCustomEndpoint returns true if custom client endpoint is provided
|
||||
func (r ResourceRequest) HasCustomEndpoint() bool {
|
||||
return len(aws.StringValue(r.Request.Config.Endpoint)) > 0
|
||||
}
|
||||
|
||||
// IsFIPS returns true if region is a fips region
|
||||
func IsFIPS(clientRegion string) bool {
|
||||
return strings.HasPrefix(clientRegion, "fips-") || strings.HasSuffix(clientRegion, "-fips")
|
||||
}
|
||||
|
||||
// IsCrossRegion returns true if request signing region is not same as configured region
|
||||
func IsCrossRegion(req *request.Request, otherRegion string) bool {
|
||||
return req.ClientInfo.SigningRegion != otherRegion
|
||||
}
|
File diff suppressed because it is too large
Load Diff
|
@ -116,6 +116,10 @@ type EC2API interface {
|
|||
AssociateDhcpOptionsWithContext(aws.Context, *ec2.AssociateDhcpOptionsInput, ...request.Option) (*ec2.AssociateDhcpOptionsOutput, error)
|
||||
AssociateDhcpOptionsRequest(*ec2.AssociateDhcpOptionsInput) (*request.Request, *ec2.AssociateDhcpOptionsOutput)
|
||||
|
||||
AssociateEnclaveCertificateIamRole(*ec2.AssociateEnclaveCertificateIamRoleInput) (*ec2.AssociateEnclaveCertificateIamRoleOutput, error)
|
||||
AssociateEnclaveCertificateIamRoleWithContext(aws.Context, *ec2.AssociateEnclaveCertificateIamRoleInput, ...request.Option) (*ec2.AssociateEnclaveCertificateIamRoleOutput, error)
|
||||
AssociateEnclaveCertificateIamRoleRequest(*ec2.AssociateEnclaveCertificateIamRoleInput) (*request.Request, *ec2.AssociateEnclaveCertificateIamRoleOutput)
|
||||
|
||||
AssociateIamInstanceProfile(*ec2.AssociateIamInstanceProfileInput) (*ec2.AssociateIamInstanceProfileOutput, error)
|
||||
AssociateIamInstanceProfileWithContext(aws.Context, *ec2.AssociateIamInstanceProfileInput, ...request.Option) (*ec2.AssociateIamInstanceProfileOutput, error)
|
||||
AssociateIamInstanceProfileRequest(*ec2.AssociateIamInstanceProfileInput) (*request.Request, *ec2.AssociateIamInstanceProfileOutput)
|
||||
|
@ -1420,6 +1424,10 @@ type EC2API interface {
|
|||
DisassociateClientVpnTargetNetworkWithContext(aws.Context, *ec2.DisassociateClientVpnTargetNetworkInput, ...request.Option) (*ec2.DisassociateClientVpnTargetNetworkOutput, error)
|
||||
DisassociateClientVpnTargetNetworkRequest(*ec2.DisassociateClientVpnTargetNetworkInput) (*request.Request, *ec2.DisassociateClientVpnTargetNetworkOutput)
|
||||
|
||||
DisassociateEnclaveCertificateIamRole(*ec2.DisassociateEnclaveCertificateIamRoleInput) (*ec2.DisassociateEnclaveCertificateIamRoleOutput, error)
|
||||
DisassociateEnclaveCertificateIamRoleWithContext(aws.Context, *ec2.DisassociateEnclaveCertificateIamRoleInput, ...request.Option) (*ec2.DisassociateEnclaveCertificateIamRoleOutput, error)
|
||||
DisassociateEnclaveCertificateIamRoleRequest(*ec2.DisassociateEnclaveCertificateIamRoleInput) (*request.Request, *ec2.DisassociateEnclaveCertificateIamRoleOutput)
|
||||
|
||||
DisassociateIamInstanceProfile(*ec2.DisassociateIamInstanceProfileInput) (*ec2.DisassociateIamInstanceProfileOutput, error)
|
||||
DisassociateIamInstanceProfileWithContext(aws.Context, *ec2.DisassociateIamInstanceProfileInput, ...request.Option) (*ec2.DisassociateIamInstanceProfileOutput, error)
|
||||
DisassociateIamInstanceProfileRequest(*ec2.DisassociateIamInstanceProfileInput) (*request.Request, *ec2.DisassociateIamInstanceProfileOutput)
|
||||
|
@ -1488,6 +1496,10 @@ type EC2API interface {
|
|||
ExportTransitGatewayRoutesWithContext(aws.Context, *ec2.ExportTransitGatewayRoutesInput, ...request.Option) (*ec2.ExportTransitGatewayRoutesOutput, error)
|
||||
ExportTransitGatewayRoutesRequest(*ec2.ExportTransitGatewayRoutesInput) (*request.Request, *ec2.ExportTransitGatewayRoutesOutput)
|
||||
|
||||
GetAssociatedEnclaveCertificateIamRoles(*ec2.GetAssociatedEnclaveCertificateIamRolesInput) (*ec2.GetAssociatedEnclaveCertificateIamRolesOutput, error)
|
||||
GetAssociatedEnclaveCertificateIamRolesWithContext(aws.Context, *ec2.GetAssociatedEnclaveCertificateIamRolesInput, ...request.Option) (*ec2.GetAssociatedEnclaveCertificateIamRolesOutput, error)
|
||||
GetAssociatedEnclaveCertificateIamRolesRequest(*ec2.GetAssociatedEnclaveCertificateIamRolesInput) (*request.Request, *ec2.GetAssociatedEnclaveCertificateIamRolesOutput)
|
||||
|
||||
GetAssociatedIpv6PoolCidrs(*ec2.GetAssociatedIpv6PoolCidrsInput) (*ec2.GetAssociatedIpv6PoolCidrsOutput, error)
|
||||
GetAssociatedIpv6PoolCidrsWithContext(aws.Context, *ec2.GetAssociatedIpv6PoolCidrsInput, ...request.Option) (*ec2.GetAssociatedIpv6PoolCidrsOutput, error)
|
||||
GetAssociatedIpv6PoolCidrsRequest(*ec2.GetAssociatedIpv6PoolCidrsInput) (*request.Request, *ec2.GetAssociatedIpv6PoolCidrsOutput)
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -3,8 +3,8 @@ package s3
|
|||
import (
|
||||
"github.com/aws/aws-sdk-go/aws/client"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/internal/s3err"
|
||||
"github.com/aws/aws-sdk-go/service/s3/internal/arn"
|
||||
"github.com/aws/aws-sdk-go/internal/s3shared/arn"
|
||||
"github.com/aws/aws-sdk-go/internal/s3shared/s3err"
|
||||
)
|
||||
|
||||
func init() {
|
||||
|
@ -69,6 +69,8 @@ type copySourceSSECustomerKeyGetter interface {
|
|||
getCopySourceSSECustomerKey() string
|
||||
}
|
||||
|
||||
// endpointARNGetter is an accessor interface to grab the
|
||||
// the field corresponding to an endpoint ARN input.
|
||||
type endpointARNGetter interface {
|
||||
getEndpointARN() (arn.Resource, error)
|
||||
hasEndpointARN() bool
|
||||
|
|
|
@ -6,11 +6,9 @@ import (
|
|||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
awsarn "github.com/aws/aws-sdk-go/aws/arn"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/endpoints"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/private/protocol"
|
||||
"github.com/aws/aws-sdk-go/service/s3/internal/arn"
|
||||
"github.com/aws/aws-sdk-go/internal/s3shared"
|
||||
"github.com/aws/aws-sdk-go/internal/s3shared/arn"
|
||||
)
|
||||
|
||||
// Used by shapes with members decorated as endpoint ARN.
|
||||
|
@ -22,12 +20,66 @@ func accessPointResourceParser(a awsarn.ARN) (arn.Resource, error) {
|
|||
resParts := arn.SplitResource(a.Resource)
|
||||
switch resParts[0] {
|
||||
case "accesspoint":
|
||||
if a.Service != "s3" {
|
||||
return arn.AccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "service is not s3"}
|
||||
}
|
||||
return arn.ParseAccessPointResource(a, resParts[1:])
|
||||
case "outpost":
|
||||
if a.Service != "s3-outposts" {
|
||||
return arn.OutpostAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "service is not s3-outposts"}
|
||||
}
|
||||
return parseOutpostAccessPointResource(a, resParts[1:])
|
||||
default:
|
||||
return nil, arn.InvalidARNError{ARN: a, Reason: "unknown resource type"}
|
||||
}
|
||||
}
|
||||
|
||||
// parseOutpostAccessPointResource attempts to parse the ARNs resource as an
|
||||
// outpost access-point resource.
|
||||
//
|
||||
// Supported Outpost AccessPoint ARN format:
|
||||
// - ARN format: arn:{partition}:s3-outposts:{region}:{accountId}:outpost/{outpostId}/accesspoint/{accesspointName}
|
||||
// - example: arn:aws:s3-outposts:us-west-2:012345678901:outpost/op-1234567890123456/accesspoint/myaccesspoint
|
||||
//
|
||||
func parseOutpostAccessPointResource(a awsarn.ARN, resParts []string) (arn.OutpostAccessPointARN, error) {
|
||||
// outpost accesspoint arn is only valid if service is s3-outposts
|
||||
if a.Service != "s3-outposts" {
|
||||
return arn.OutpostAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "service is not s3-outposts"}
|
||||
}
|
||||
|
||||
if len(resParts) == 0 {
|
||||
return arn.OutpostAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "outpost resource-id not set"}
|
||||
}
|
||||
|
||||
if len(resParts) < 3 {
|
||||
return arn.OutpostAccessPointARN{}, arn.InvalidARNError{
|
||||
ARN: a, Reason: "access-point resource not set in Outpost ARN",
|
||||
}
|
||||
}
|
||||
|
||||
resID := strings.TrimSpace(resParts[0])
|
||||
if len(resID) == 0 {
|
||||
return arn.OutpostAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "outpost resource-id not set"}
|
||||
}
|
||||
|
||||
var outpostAccessPointARN = arn.OutpostAccessPointARN{}
|
||||
switch resParts[1] {
|
||||
case "accesspoint":
|
||||
accessPointARN, err := arn.ParseAccessPointResource(a, resParts[2:])
|
||||
if err != nil {
|
||||
return arn.OutpostAccessPointARN{}, err
|
||||
}
|
||||
// set access-point arn
|
||||
outpostAccessPointARN.AccessPointARN = accessPointARN
|
||||
default:
|
||||
return arn.OutpostAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "access-point resource not set in Outpost ARN"}
|
||||
}
|
||||
|
||||
// set outpost id
|
||||
outpostAccessPointARN.OutpostID = resID
|
||||
return outpostAccessPointARN, nil
|
||||
}
|
||||
|
||||
func endpointHandler(req *request.Request) {
|
||||
endpoint, ok := req.Params.(endpointARNGetter)
|
||||
if !ok || !endpoint.hasEndpointARN() {
|
||||
|
@ -37,29 +89,29 @@ func endpointHandler(req *request.Request) {
|
|||
|
||||
resource, err := endpoint.getEndpointARN()
|
||||
if err != nil {
|
||||
req.Error = newInvalidARNError(nil, err)
|
||||
req.Error = s3shared.NewInvalidARNError(nil, err)
|
||||
return
|
||||
}
|
||||
|
||||
resReq := resourceRequest{
|
||||
resReq := s3shared.ResourceRequest{
|
||||
Resource: resource,
|
||||
Request: req,
|
||||
}
|
||||
|
||||
if resReq.IsCrossPartition() {
|
||||
req.Error = newClientPartitionMismatchError(resource,
|
||||
req.Error = s3shared.NewClientPartitionMismatchError(resource,
|
||||
req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
|
||||
return
|
||||
}
|
||||
|
||||
if !resReq.AllowCrossRegion() && resReq.IsCrossRegion() {
|
||||
req.Error = newClientRegionMismatchError(resource,
|
||||
req.Error = s3shared.NewClientRegionMismatchError(resource,
|
||||
req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
|
||||
return
|
||||
}
|
||||
|
||||
if resReq.HasCustomEndpoint() {
|
||||
req.Error = newInvalidARNWithCustomEndpointError(resource, nil)
|
||||
req.Error = s3shared.NewInvalidARNWithCustomEndpointError(resource, nil)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -69,47 +121,22 @@ func endpointHandler(req *request.Request) {
|
|||
if err != nil {
|
||||
req.Error = err
|
||||
}
|
||||
case arn.OutpostAccessPointARN:
|
||||
// outposts does not support FIPS regions
|
||||
if resReq.ResourceConfiguredForFIPS() {
|
||||
req.Error = s3shared.NewInvalidARNWithFIPSError(resource, nil)
|
||||
return
|
||||
}
|
||||
|
||||
err = updateRequestOutpostAccessPointEndpoint(req, tv)
|
||||
if err != nil {
|
||||
req.Error = err
|
||||
}
|
||||
default:
|
||||
req.Error = newInvalidARNError(resource, nil)
|
||||
req.Error = s3shared.NewInvalidARNError(resource, nil)
|
||||
}
|
||||
}
|
||||
|
||||
type resourceRequest struct {
|
||||
Resource arn.Resource
|
||||
Request *request.Request
|
||||
}
|
||||
|
||||
func (r resourceRequest) ARN() awsarn.ARN {
|
||||
return r.Resource.GetARN()
|
||||
}
|
||||
|
||||
func (r resourceRequest) AllowCrossRegion() bool {
|
||||
return aws.BoolValue(r.Request.Config.S3UseARNRegion)
|
||||
}
|
||||
|
||||
func (r resourceRequest) UseFIPS() bool {
|
||||
return isFIPS(aws.StringValue(r.Request.Config.Region))
|
||||
}
|
||||
|
||||
func (r resourceRequest) IsCrossPartition() bool {
|
||||
return r.Request.ClientInfo.PartitionID != r.Resource.GetARN().Partition
|
||||
}
|
||||
|
||||
func (r resourceRequest) IsCrossRegion() bool {
|
||||
return isCrossRegion(r.Request, r.Resource.GetARN().Region)
|
||||
}
|
||||
|
||||
func (r resourceRequest) HasCustomEndpoint() bool {
|
||||
return len(aws.StringValue(r.Request.Config.Endpoint)) > 0
|
||||
}
|
||||
|
||||
func isFIPS(clientRegion string) bool {
|
||||
return strings.HasPrefix(clientRegion, "fips-") || strings.HasSuffix(clientRegion, "-fips")
|
||||
}
|
||||
func isCrossRegion(req *request.Request, otherRegion string) bool {
|
||||
return req.ClientInfo.SigningRegion != otherRegion
|
||||
}
|
||||
|
||||
func updateBucketEndpointFromParams(r *request.Request) {
|
||||
bucket, ok := bucketNameFromReqParams(r.Params)
|
||||
if !ok {
|
||||
|
@ -124,7 +151,7 @@ func updateBucketEndpointFromParams(r *request.Request) {
|
|||
func updateRequestAccessPointEndpoint(req *request.Request, accessPoint arn.AccessPointARN) error {
|
||||
// Accelerate not supported
|
||||
if aws.BoolValue(req.Config.S3UseAccelerate) {
|
||||
return newClientConfiguredForAccelerateError(accessPoint,
|
||||
return s3shared.NewClientConfiguredForAccelerateError(accessPoint,
|
||||
req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
|
||||
}
|
||||
|
||||
|
@ -132,7 +159,7 @@ func updateRequestAccessPointEndpoint(req *request.Request, accessPoint arn.Acce
|
|||
// are not supported.
|
||||
req.Config.DisableEndpointHostPrefix = aws.Bool(false)
|
||||
|
||||
if err := accessPointEndpointBuilder(accessPoint).Build(req); err != nil {
|
||||
if err := accessPointEndpointBuilder(accessPoint).build(req); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
|
@ -141,93 +168,34 @@ func updateRequestAccessPointEndpoint(req *request.Request, accessPoint arn.Acce
|
|||
return nil
|
||||
}
|
||||
|
||||
func updateRequestOutpostAccessPointEndpoint(req *request.Request, accessPoint arn.OutpostAccessPointARN) error {
|
||||
// Accelerate not supported
|
||||
if aws.BoolValue(req.Config.S3UseAccelerate) {
|
||||
return s3shared.NewClientConfiguredForAccelerateError(accessPoint,
|
||||
req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
|
||||
}
|
||||
|
||||
// Dualstack not supported
|
||||
if aws.BoolValue(req.Config.UseDualStack) {
|
||||
return s3shared.NewClientConfiguredForDualStackError(accessPoint,
|
||||
req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
|
||||
}
|
||||
|
||||
// Ignore the disable host prefix for access points since custom endpoints
|
||||
// are not supported.
|
||||
req.Config.DisableEndpointHostPrefix = aws.Bool(false)
|
||||
|
||||
if err := outpostAccessPointEndpointBuilder(accessPoint).build(req); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
removeBucketFromPath(req.HTTPRequest.URL)
|
||||
return nil
|
||||
}
|
||||
|
||||
func removeBucketFromPath(u *url.URL) {
|
||||
u.Path = strings.Replace(u.Path, "/{Bucket}", "", -1)
|
||||
if u.Path == "" {
|
||||
u.Path = "/"
|
||||
}
|
||||
}
|
||||
|
||||
type accessPointEndpointBuilder arn.AccessPointARN
|
||||
|
||||
const (
|
||||
accessPointPrefixLabel = "accesspoint"
|
||||
accountIDPrefixLabel = "accountID"
|
||||
accesPointPrefixTemplate = "{" + accessPointPrefixLabel + "}-{" + accountIDPrefixLabel + "}."
|
||||
)
|
||||
|
||||
func (a accessPointEndpointBuilder) Build(req *request.Request) error {
|
||||
resolveRegion := arn.AccessPointARN(a).Region
|
||||
cfgRegion := aws.StringValue(req.Config.Region)
|
||||
|
||||
if isFIPS(cfgRegion) {
|
||||
if aws.BoolValue(req.Config.S3UseARNRegion) && isCrossRegion(req, resolveRegion) {
|
||||
// FIPS with cross region is not supported, the SDK must fail
|
||||
// because there is no well defined method for SDK to construct a
|
||||
// correct FIPS endpoint.
|
||||
return newClientConfiguredForCrossRegionFIPSError(arn.AccessPointARN(a),
|
||||
req.ClientInfo.PartitionID, cfgRegion, nil)
|
||||
}
|
||||
resolveRegion = cfgRegion
|
||||
}
|
||||
|
||||
endpoint, err := resolveRegionalEndpoint(req, resolveRegion)
|
||||
if err != nil {
|
||||
return newFailedToResolveEndpointError(arn.AccessPointARN(a),
|
||||
req.ClientInfo.PartitionID, cfgRegion, err)
|
||||
}
|
||||
|
||||
if err = updateRequestEndpoint(req, endpoint.URL); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
const serviceEndpointLabel = "s3-accesspoint"
|
||||
|
||||
// dualstack provided by endpoint resolver
|
||||
cfgHost := req.HTTPRequest.URL.Host
|
||||
if strings.HasPrefix(cfgHost, "s3") {
|
||||
req.HTTPRequest.URL.Host = serviceEndpointLabel + cfgHost[2:]
|
||||
}
|
||||
|
||||
protocol.HostPrefixBuilder{
|
||||
Prefix: accesPointPrefixTemplate,
|
||||
LabelsFn: a.hostPrefixLabelValues,
|
||||
}.Build(req)
|
||||
|
||||
req.ClientInfo.SigningName = endpoint.SigningName
|
||||
req.ClientInfo.SigningRegion = endpoint.SigningRegion
|
||||
|
||||
err = protocol.ValidateEndpointHost(req.Operation.Name, req.HTTPRequest.URL.Host)
|
||||
if err != nil {
|
||||
return newInvalidARNError(arn.AccessPointARN(a), err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (a accessPointEndpointBuilder) hostPrefixLabelValues() map[string]string {
|
||||
return map[string]string{
|
||||
accessPointPrefixLabel: arn.AccessPointARN(a).AccessPointName,
|
||||
accountIDPrefixLabel: arn.AccessPointARN(a).AccountID,
|
||||
}
|
||||
}
|
||||
|
||||
func resolveRegionalEndpoint(r *request.Request, region string) (endpoints.ResolvedEndpoint, error) {
|
||||
return r.Config.EndpointResolver.EndpointFor(EndpointsID, region, func(opts *endpoints.Options) {
|
||||
opts.DisableSSL = aws.BoolValue(r.Config.DisableSSL)
|
||||
opts.UseDualStack = aws.BoolValue(r.Config.UseDualStack)
|
||||
opts.S3UsEast1RegionalEndpoint = endpoints.RegionalS3UsEast1Endpoint
|
||||
})
|
||||
}
|
||||
|
||||
func updateRequestEndpoint(r *request.Request, endpoint string) (err error) {
|
||||
endpoint = endpoints.AddScheme(endpoint, aws.BoolValue(r.Config.DisableSSL))
|
||||
|
||||
r.HTTPRequest.URL, err = url.Parse(endpoint + r.Operation.HTTPPath)
|
||||
if err != nil {
|
||||
return awserr.New(request.ErrCodeSerialization,
|
||||
"failed to parse endpoint URL", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
|
@ -0,0 +1,177 @@
|
|||
package s3
|
||||
|
||||
import (
|
||||
"net/url"
|
||||
"strings"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/endpoints"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/internal/s3shared"
|
||||
"github.com/aws/aws-sdk-go/internal/s3shared/arn"
|
||||
"github.com/aws/aws-sdk-go/private/protocol"
|
||||
)
|
||||
|
||||
const (
|
||||
accessPointPrefixLabel = "accesspoint"
|
||||
accountIDPrefixLabel = "accountID"
|
||||
accessPointPrefixTemplate = "{" + accessPointPrefixLabel + "}-{" + accountIDPrefixLabel + "}."
|
||||
|
||||
outpostPrefixLabel = "outpost"
|
||||
outpostAccessPointPrefixTemplate = accessPointPrefixTemplate + "{" + outpostPrefixLabel + "}."
|
||||
)
|
||||
|
||||
// accessPointEndpointBuilder represents the endpoint builder for access point arn
|
||||
type accessPointEndpointBuilder arn.AccessPointARN
|
||||
|
||||
// build builds the endpoint for corresponding access point arn
|
||||
//
|
||||
// For building an endpoint from access point arn, format used is:
|
||||
// - Access point endpoint format : {accesspointName}-{accountId}.s3-accesspoint.{region}.{dnsSuffix}
|
||||
// - example : myaccesspoint-012345678901.s3-accesspoint.us-west-2.amazonaws.com
|
||||
//
|
||||
// Access Point Endpoint requests are signed using "s3" as signing name.
|
||||
//
|
||||
func (a accessPointEndpointBuilder) build(req *request.Request) error {
|
||||
resolveService := arn.AccessPointARN(a).Service
|
||||
resolveRegion := arn.AccessPointARN(a).Region
|
||||
cfgRegion := aws.StringValue(req.Config.Region)
|
||||
|
||||
if s3shared.IsFIPS(cfgRegion) {
|
||||
if aws.BoolValue(req.Config.S3UseARNRegion) && s3shared.IsCrossRegion(req, resolveRegion) {
|
||||
// FIPS with cross region is not supported, the SDK must fail
|
||||
// because there is no well defined method for SDK to construct a
|
||||
// correct FIPS endpoint.
|
||||
return s3shared.NewClientConfiguredForCrossRegionFIPSError(arn.AccessPointARN(a),
|
||||
req.ClientInfo.PartitionID, cfgRegion, nil)
|
||||
}
|
||||
resolveRegion = cfgRegion
|
||||
}
|
||||
|
||||
endpoint, err := resolveRegionalEndpoint(req, resolveRegion, resolveService)
|
||||
if err != nil {
|
||||
return s3shared.NewFailedToResolveEndpointError(arn.AccessPointARN(a),
|
||||
req.ClientInfo.PartitionID, cfgRegion, err)
|
||||
}
|
||||
|
||||
if err = updateRequestEndpoint(req, endpoint.URL); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
const serviceEndpointLabel = "s3-accesspoint"
|
||||
|
||||
// dual stack provided by endpoint resolver
|
||||
cfgHost := req.HTTPRequest.URL.Host
|
||||
if strings.HasPrefix(cfgHost, "s3") {
|
||||
req.HTTPRequest.URL.Host = serviceEndpointLabel + cfgHost[2:]
|
||||
}
|
||||
|
||||
protocol.HostPrefixBuilder{
|
||||
Prefix: accessPointPrefixTemplate,
|
||||
LabelsFn: a.hostPrefixLabelValues,
|
||||
}.Build(req)
|
||||
|
||||
// signer redirection
|
||||
redirectSigner(req, endpoint.SigningName, endpoint.SigningRegion)
|
||||
|
||||
err = protocol.ValidateEndpointHost(req.Operation.Name, req.HTTPRequest.URL.Host)
|
||||
if err != nil {
|
||||
return s3shared.NewInvalidARNError(arn.AccessPointARN(a), err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (a accessPointEndpointBuilder) hostPrefixLabelValues() map[string]string {
|
||||
return map[string]string{
|
||||
accessPointPrefixLabel: arn.AccessPointARN(a).AccessPointName,
|
||||
accountIDPrefixLabel: arn.AccessPointARN(a).AccountID,
|
||||
}
|
||||
}
|
||||
|
||||
// outpostAccessPointEndpointBuilder represents the Endpoint builder for outpost access point arn.
|
||||
type outpostAccessPointEndpointBuilder arn.OutpostAccessPointARN
|
||||
|
||||
// build builds an endpoint corresponding to the outpost access point arn.
|
||||
//
|
||||
// For building an endpoint from outpost access point arn, format used is:
|
||||
// - Outpost access point endpoint format : {accesspointName}-{accountId}.{outpostId}.s3-outposts.{region}.{dnsSuffix}
|
||||
// - example : myaccesspoint-012345678901.op-01234567890123456.s3-outposts.us-west-2.amazonaws.com
|
||||
//
|
||||
// Outpost AccessPoint Endpoint request are signed using "s3-outposts" as signing name.
|
||||
//
|
||||
func (o outpostAccessPointEndpointBuilder) build(req *request.Request) error {
|
||||
resolveRegion := o.Region
|
||||
resolveService := o.Service
|
||||
|
||||
endpointsID := resolveService
|
||||
if resolveService == "s3-outposts" {
|
||||
endpointsID = "s3"
|
||||
}
|
||||
|
||||
endpoint, err := resolveRegionalEndpoint(req, resolveRegion, endpointsID)
|
||||
if err != nil {
|
||||
return s3shared.NewFailedToResolveEndpointError(o,
|
||||
req.ClientInfo.PartitionID, resolveRegion, err)
|
||||
}
|
||||
|
||||
if err = updateRequestEndpoint(req, endpoint.URL); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// add url host as s3-outposts
|
||||
cfgHost := req.HTTPRequest.URL.Host
|
||||
if strings.HasPrefix(cfgHost, endpointsID) {
|
||||
req.HTTPRequest.URL.Host = resolveService + cfgHost[len(endpointsID):]
|
||||
}
|
||||
|
||||
protocol.HostPrefixBuilder{
|
||||
Prefix: outpostAccessPointPrefixTemplate,
|
||||
LabelsFn: o.hostPrefixLabelValues,
|
||||
}.Build(req)
|
||||
|
||||
// set the signing region, name to resolved names from ARN
|
||||
redirectSigner(req, resolveService, resolveRegion)
|
||||
|
||||
err = protocol.ValidateEndpointHost(req.Operation.Name, req.HTTPRequest.URL.Host)
|
||||
if err != nil {
|
||||
return s3shared.NewInvalidARNError(o, err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (o outpostAccessPointEndpointBuilder) hostPrefixLabelValues() map[string]string {
|
||||
return map[string]string{
|
||||
accessPointPrefixLabel: o.AccessPointName,
|
||||
accountIDPrefixLabel: o.AccountID,
|
||||
outpostPrefixLabel: o.OutpostID,
|
||||
}
|
||||
}
|
||||
|
||||
func resolveRegionalEndpoint(r *request.Request, region string, endpointsID string) (endpoints.ResolvedEndpoint, error) {
|
||||
return r.Config.EndpointResolver.EndpointFor(endpointsID, region, func(opts *endpoints.Options) {
|
||||
opts.DisableSSL = aws.BoolValue(r.Config.DisableSSL)
|
||||
opts.UseDualStack = aws.BoolValue(r.Config.UseDualStack)
|
||||
opts.S3UsEast1RegionalEndpoint = endpoints.RegionalS3UsEast1Endpoint
|
||||
})
|
||||
}
|
||||
|
||||
func updateRequestEndpoint(r *request.Request, endpoint string) (err error) {
|
||||
endpoint = endpoints.AddScheme(endpoint, aws.BoolValue(r.Config.DisableSSL))
|
||||
|
||||
r.HTTPRequest.URL, err = url.Parse(endpoint + r.Operation.HTTPPath)
|
||||
if err != nil {
|
||||
return awserr.New(request.ErrCodeSerialization,
|
||||
"failed to parse endpoint URL", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// redirectSigner sets signing name, signing region for a request
|
||||
func redirectSigner(req *request.Request, signingName string, signingRegion string) {
|
||||
req.ClientInfo.SigningName = signingName
|
||||
req.ClientInfo.SigningRegion = signingRegion
|
||||
}
|
|
@ -1,151 +0,0 @@
|
|||
package s3
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/service/s3/internal/arn"
|
||||
)
|
||||
|
||||
const (
|
||||
invalidARNErrorErrCode = "InvalidARNError"
|
||||
configurationErrorErrCode = "ConfigurationError"
|
||||
)
|
||||
|
||||
type invalidARNError struct {
|
||||
message string
|
||||
resource arn.Resource
|
||||
origErr error
|
||||
}
|
||||
|
||||
func (e invalidARNError) Error() string {
|
||||
var extra string
|
||||
if e.resource != nil {
|
||||
extra = "ARN: " + e.resource.String()
|
||||
}
|
||||
return awserr.SprintError(e.Code(), e.Message(), extra, e.origErr)
|
||||
}
|
||||
|
||||
func (e invalidARNError) Code() string {
|
||||
return invalidARNErrorErrCode
|
||||
}
|
||||
|
||||
func (e invalidARNError) Message() string {
|
||||
return e.message
|
||||
}
|
||||
|
||||
func (e invalidARNError) OrigErr() error {
|
||||
return e.origErr
|
||||
}
|
||||
|
||||
func newInvalidARNError(resource arn.Resource, err error) invalidARNError {
|
||||
return invalidARNError{
|
||||
message: "invalid ARN",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
}
|
||||
}
|
||||
|
||||
func newInvalidARNWithCustomEndpointError(resource arn.Resource, err error) invalidARNError {
|
||||
return invalidARNError{
|
||||
message: "resource ARN not supported with custom client endpoints",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
}
|
||||
}
|
||||
|
||||
// ARN not supported for the target partition
|
||||
func newInvalidARNWithUnsupportedPartitionError(resource arn.Resource, err error) invalidARNError {
|
||||
return invalidARNError{
|
||||
message: "resource ARN not supported for the target ARN partition",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
}
|
||||
}
|
||||
|
||||
type configurationError struct {
|
||||
message string
|
||||
resource arn.Resource
|
||||
clientPartitionID string
|
||||
clientRegion string
|
||||
origErr error
|
||||
}
|
||||
|
||||
func (e configurationError) Error() string {
|
||||
extra := fmt.Sprintf("ARN: %s, client partition: %s, client region: %s",
|
||||
e.resource, e.clientPartitionID, e.clientRegion)
|
||||
|
||||
return awserr.SprintError(e.Code(), e.Message(), extra, e.origErr)
|
||||
}
|
||||
|
||||
func (e configurationError) Code() string {
|
||||
return configurationErrorErrCode
|
||||
}
|
||||
|
||||
func (e configurationError) Message() string {
|
||||
return e.message
|
||||
}
|
||||
|
||||
func (e configurationError) OrigErr() error {
|
||||
return e.origErr
|
||||
}
|
||||
|
||||
func newClientPartitionMismatchError(resource arn.Resource, clientPartitionID, clientRegion string, err error) configurationError {
|
||||
return configurationError{
|
||||
message: "client partition does not match provided ARN partition",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
||||
|
||||
func newClientRegionMismatchError(resource arn.Resource, clientPartitionID, clientRegion string, err error) configurationError {
|
||||
return configurationError{
|
||||
message: "client region does not match provided ARN region",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
||||
|
||||
func newFailedToResolveEndpointError(resource arn.Resource, clientPartitionID, clientRegion string, err error) configurationError {
|
||||
return configurationError{
|
||||
message: "endpoint resolver failed to find an endpoint for the provided ARN region",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
||||
|
||||
func newClientConfiguredForFIPSError(resource arn.Resource, clientPartitionID, clientRegion string, err error) configurationError {
|
||||
return configurationError{
|
||||
message: "client configured for fips but cross-region resource ARN provided",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
||||
|
||||
func newClientConfiguredForAccelerateError(resource arn.Resource, clientPartitionID, clientRegion string, err error) configurationError {
|
||||
return configurationError{
|
||||
message: "client configured for S3 Accelerate but is supported with resource ARN",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
||||
|
||||
func newClientConfiguredForCrossRegionFIPSError(resource arn.Resource, clientPartitionID, clientRegion string, err error) configurationError {
|
||||
return configurationError{
|
||||
message: "client configured for FIPS with cross-region enabled but is supported with cross-region resource ARN",
|
||||
origErr: err,
|
||||
resource: resource,
|
||||
clientPartitionID: clientPartitionID,
|
||||
clientRegion: clientRegion,
|
||||
}
|
||||
}
|
|
@ -8,7 +8,7 @@ const (
|
|||
// "BucketAlreadyExists".
|
||||
//
|
||||
// The requested bucket name is not available. The bucket namespace is shared
|
||||
// by all users of the system. Please select a different name and try again.
|
||||
// by all users of the system. Select a different name and try again.
|
||||
ErrCodeBucketAlreadyExists = "BucketAlreadyExists"
|
||||
|
||||
// ErrCodeBucketAlreadyOwnedByYou for service response error code
|
||||
|
@ -21,6 +21,12 @@ const (
|
|||
// bucket access control lists (ACLs).
|
||||
ErrCodeBucketAlreadyOwnedByYou = "BucketAlreadyOwnedByYou"
|
||||
|
||||
// ErrCodeInvalidObjectState for service response error code
|
||||
// "InvalidObjectState".
|
||||
//
|
||||
// Object is archived and inaccessible until restored.
|
||||
ErrCodeInvalidObjectState = "InvalidObjectState"
|
||||
|
||||
// ErrCodeNoSuchBucket for service response error code
|
||||
// "NoSuchBucket".
|
||||
//
|
||||
|
|
|
@ -96,6 +96,10 @@ type S3API interface {
|
|||
DeleteBucketEncryptionWithContext(aws.Context, *s3.DeleteBucketEncryptionInput, ...request.Option) (*s3.DeleteBucketEncryptionOutput, error)
|
||||
DeleteBucketEncryptionRequest(*s3.DeleteBucketEncryptionInput) (*request.Request, *s3.DeleteBucketEncryptionOutput)
|
||||
|
||||
DeleteBucketIntelligentTieringConfiguration(*s3.DeleteBucketIntelligentTieringConfigurationInput) (*s3.DeleteBucketIntelligentTieringConfigurationOutput, error)
|
||||
DeleteBucketIntelligentTieringConfigurationWithContext(aws.Context, *s3.DeleteBucketIntelligentTieringConfigurationInput, ...request.Option) (*s3.DeleteBucketIntelligentTieringConfigurationOutput, error)
|
||||
DeleteBucketIntelligentTieringConfigurationRequest(*s3.DeleteBucketIntelligentTieringConfigurationInput) (*request.Request, *s3.DeleteBucketIntelligentTieringConfigurationOutput)
|
||||
|
||||
DeleteBucketInventoryConfiguration(*s3.DeleteBucketInventoryConfigurationInput) (*s3.DeleteBucketInventoryConfigurationOutput, error)
|
||||
DeleteBucketInventoryConfigurationWithContext(aws.Context, *s3.DeleteBucketInventoryConfigurationInput, ...request.Option) (*s3.DeleteBucketInventoryConfigurationOutput, error)
|
||||
DeleteBucketInventoryConfigurationRequest(*s3.DeleteBucketInventoryConfigurationInput) (*request.Request, *s3.DeleteBucketInventoryConfigurationOutput)
|
||||
|
@ -108,6 +112,10 @@ type S3API interface {
|
|||
DeleteBucketMetricsConfigurationWithContext(aws.Context, *s3.DeleteBucketMetricsConfigurationInput, ...request.Option) (*s3.DeleteBucketMetricsConfigurationOutput, error)
|
||||
DeleteBucketMetricsConfigurationRequest(*s3.DeleteBucketMetricsConfigurationInput) (*request.Request, *s3.DeleteBucketMetricsConfigurationOutput)
|
||||
|
||||
DeleteBucketOwnershipControls(*s3.DeleteBucketOwnershipControlsInput) (*s3.DeleteBucketOwnershipControlsOutput, error)
|
||||
DeleteBucketOwnershipControlsWithContext(aws.Context, *s3.DeleteBucketOwnershipControlsInput, ...request.Option) (*s3.DeleteBucketOwnershipControlsOutput, error)
|
||||
DeleteBucketOwnershipControlsRequest(*s3.DeleteBucketOwnershipControlsInput) (*request.Request, *s3.DeleteBucketOwnershipControlsOutput)
|
||||
|
||||
DeleteBucketPolicy(*s3.DeleteBucketPolicyInput) (*s3.DeleteBucketPolicyOutput, error)
|
||||
DeleteBucketPolicyWithContext(aws.Context, *s3.DeleteBucketPolicyInput, ...request.Option) (*s3.DeleteBucketPolicyOutput, error)
|
||||
DeleteBucketPolicyRequest(*s3.DeleteBucketPolicyInput) (*request.Request, *s3.DeleteBucketPolicyOutput)
|
||||
|
@ -160,6 +168,10 @@ type S3API interface {
|
|||
GetBucketEncryptionWithContext(aws.Context, *s3.GetBucketEncryptionInput, ...request.Option) (*s3.GetBucketEncryptionOutput, error)
|
||||
GetBucketEncryptionRequest(*s3.GetBucketEncryptionInput) (*request.Request, *s3.GetBucketEncryptionOutput)
|
||||
|
||||
GetBucketIntelligentTieringConfiguration(*s3.GetBucketIntelligentTieringConfigurationInput) (*s3.GetBucketIntelligentTieringConfigurationOutput, error)
|
||||
GetBucketIntelligentTieringConfigurationWithContext(aws.Context, *s3.GetBucketIntelligentTieringConfigurationInput, ...request.Option) (*s3.GetBucketIntelligentTieringConfigurationOutput, error)
|
||||
GetBucketIntelligentTieringConfigurationRequest(*s3.GetBucketIntelligentTieringConfigurationInput) (*request.Request, *s3.GetBucketIntelligentTieringConfigurationOutput)
|
||||
|
||||
GetBucketInventoryConfiguration(*s3.GetBucketInventoryConfigurationInput) (*s3.GetBucketInventoryConfigurationOutput, error)
|
||||
GetBucketInventoryConfigurationWithContext(aws.Context, *s3.GetBucketInventoryConfigurationInput, ...request.Option) (*s3.GetBucketInventoryConfigurationOutput, error)
|
||||
GetBucketInventoryConfigurationRequest(*s3.GetBucketInventoryConfigurationInput) (*request.Request, *s3.GetBucketInventoryConfigurationOutput)
|
||||
|
@ -192,6 +204,10 @@ type S3API interface {
|
|||
GetBucketNotificationConfigurationWithContext(aws.Context, *s3.GetBucketNotificationConfigurationRequest, ...request.Option) (*s3.NotificationConfiguration, error)
|
||||
GetBucketNotificationConfigurationRequest(*s3.GetBucketNotificationConfigurationRequest) (*request.Request, *s3.NotificationConfiguration)
|
||||
|
||||
GetBucketOwnershipControls(*s3.GetBucketOwnershipControlsInput) (*s3.GetBucketOwnershipControlsOutput, error)
|
||||
GetBucketOwnershipControlsWithContext(aws.Context, *s3.GetBucketOwnershipControlsInput, ...request.Option) (*s3.GetBucketOwnershipControlsOutput, error)
|
||||
GetBucketOwnershipControlsRequest(*s3.GetBucketOwnershipControlsInput) (*request.Request, *s3.GetBucketOwnershipControlsOutput)
|
||||
|
||||
GetBucketPolicy(*s3.GetBucketPolicyInput) (*s3.GetBucketPolicyOutput, error)
|
||||
GetBucketPolicyWithContext(aws.Context, *s3.GetBucketPolicyInput, ...request.Option) (*s3.GetBucketPolicyOutput, error)
|
||||
GetBucketPolicyRequest(*s3.GetBucketPolicyInput) (*request.Request, *s3.GetBucketPolicyOutput)
|
||||
|
@ -264,6 +280,10 @@ type S3API interface {
|
|||
ListBucketAnalyticsConfigurationsWithContext(aws.Context, *s3.ListBucketAnalyticsConfigurationsInput, ...request.Option) (*s3.ListBucketAnalyticsConfigurationsOutput, error)
|
||||
ListBucketAnalyticsConfigurationsRequest(*s3.ListBucketAnalyticsConfigurationsInput) (*request.Request, *s3.ListBucketAnalyticsConfigurationsOutput)
|
||||
|
||||
ListBucketIntelligentTieringConfigurations(*s3.ListBucketIntelligentTieringConfigurationsInput) (*s3.ListBucketIntelligentTieringConfigurationsOutput, error)
|
||||
ListBucketIntelligentTieringConfigurationsWithContext(aws.Context, *s3.ListBucketIntelligentTieringConfigurationsInput, ...request.Option) (*s3.ListBucketIntelligentTieringConfigurationsOutput, error)
|
||||
ListBucketIntelligentTieringConfigurationsRequest(*s3.ListBucketIntelligentTieringConfigurationsInput) (*request.Request, *s3.ListBucketIntelligentTieringConfigurationsOutput)
|
||||
|
||||
ListBucketInventoryConfigurations(*s3.ListBucketInventoryConfigurationsInput) (*s3.ListBucketInventoryConfigurationsOutput, error)
|
||||
ListBucketInventoryConfigurationsWithContext(aws.Context, *s3.ListBucketInventoryConfigurationsInput, ...request.Option) (*s3.ListBucketInventoryConfigurationsOutput, error)
|
||||
ListBucketInventoryConfigurationsRequest(*s3.ListBucketInventoryConfigurationsInput) (*request.Request, *s3.ListBucketInventoryConfigurationsOutput)
|
||||
|
@ -331,6 +351,10 @@ type S3API interface {
|
|||
PutBucketEncryptionWithContext(aws.Context, *s3.PutBucketEncryptionInput, ...request.Option) (*s3.PutBucketEncryptionOutput, error)
|
||||
PutBucketEncryptionRequest(*s3.PutBucketEncryptionInput) (*request.Request, *s3.PutBucketEncryptionOutput)
|
||||
|
||||
PutBucketIntelligentTieringConfiguration(*s3.PutBucketIntelligentTieringConfigurationInput) (*s3.PutBucketIntelligentTieringConfigurationOutput, error)
|
||||
PutBucketIntelligentTieringConfigurationWithContext(aws.Context, *s3.PutBucketIntelligentTieringConfigurationInput, ...request.Option) (*s3.PutBucketIntelligentTieringConfigurationOutput, error)
|
||||
PutBucketIntelligentTieringConfigurationRequest(*s3.PutBucketIntelligentTieringConfigurationInput) (*request.Request, *s3.PutBucketIntelligentTieringConfigurationOutput)
|
||||
|
||||
PutBucketInventoryConfiguration(*s3.PutBucketInventoryConfigurationInput) (*s3.PutBucketInventoryConfigurationOutput, error)
|
||||
PutBucketInventoryConfigurationWithContext(aws.Context, *s3.PutBucketInventoryConfigurationInput, ...request.Option) (*s3.PutBucketInventoryConfigurationOutput, error)
|
||||
PutBucketInventoryConfigurationRequest(*s3.PutBucketInventoryConfigurationInput) (*request.Request, *s3.PutBucketInventoryConfigurationOutput)
|
||||
|
@ -359,6 +383,10 @@ type S3API interface {
|
|||
PutBucketNotificationConfigurationWithContext(aws.Context, *s3.PutBucketNotificationConfigurationInput, ...request.Option) (*s3.PutBucketNotificationConfigurationOutput, error)
|
||||
PutBucketNotificationConfigurationRequest(*s3.PutBucketNotificationConfigurationInput) (*request.Request, *s3.PutBucketNotificationConfigurationOutput)
|
||||
|
||||
PutBucketOwnershipControls(*s3.PutBucketOwnershipControlsInput) (*s3.PutBucketOwnershipControlsOutput, error)
|
||||
PutBucketOwnershipControlsWithContext(aws.Context, *s3.PutBucketOwnershipControlsInput, ...request.Option) (*s3.PutBucketOwnershipControlsOutput, error)
|
||||
PutBucketOwnershipControlsRequest(*s3.PutBucketOwnershipControlsInput) (*request.Request, *s3.PutBucketOwnershipControlsOutput)
|
||||
|
||||
PutBucketPolicy(*s3.PutBucketPolicyInput) (*s3.PutBucketPolicyOutput, error)
|
||||
PutBucketPolicyWithContext(aws.Context, *s3.PutBucketPolicyInput, ...request.Option) (*s3.PutBucketPolicyOutput, error)
|
||||
PutBucketPolicyRequest(*s3.PutBucketPolicyInput) (*request.Request, *s3.PutBucketPolicyOutput)
|
||||
|
|
|
@ -60,6 +60,14 @@ func (p *maxSlicePool) Get(ctx aws.Context) (*[]byte, error) {
|
|||
return nil, errZeroCapacity
|
||||
}
|
||||
return bs, nil
|
||||
case <-ctx.Done():
|
||||
p.mtx.RUnlock()
|
||||
return nil, ctx.Err()
|
||||
default:
|
||||
// pass
|
||||
}
|
||||
|
||||
select {
|
||||
case _, ok := <-p.allocations:
|
||||
p.mtx.RUnlock()
|
||||
if !ok {
|
||||
|
|
|
@ -16,23 +16,42 @@ type UploadInput struct {
|
|||
|
||||
// The canned ACL to apply to the object. For more information, see Canned ACL
|
||||
// (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL).
|
||||
//
|
||||
// This action is not supported by Amazon S3 on Outposts.
|
||||
ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"`
|
||||
|
||||
// The readable body payload to send to S3.
|
||||
Body io.Reader
|
||||
|
||||
// Bucket name to which the PUT operation was initiated.
|
||||
// The bucket name to which the PUT operation was initiated.
|
||||
//
|
||||
// When using this API with an access point, you must direct requests to the
|
||||
// access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
|
||||
// When using this operation using an access point through the AWS SDKs, you
|
||||
// When using this operation with an access point through the AWS SDKs, you
|
||||
// provide the access point ARN in place of the bucket name. For more information
|
||||
// about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
|
||||
// in the Amazon Simple Storage Service Developer Guide.
|
||||
//
|
||||
// When using this API with Amazon S3 on Outposts, you must direct requests
|
||||
// to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form
|
||||
// AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When
|
||||
// using this operation using S3 on Outposts through the AWS SDKs, you provide
|
||||
// the Outposts bucket ARN in place of the bucket name. For more information
|
||||
// about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html)
|
||||
// in the Amazon Simple Storage Service Developer Guide.
|
||||
//
|
||||
// Bucket is a required field
|
||||
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
|
||||
|
||||
// Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption
|
||||
// with server-side encryption using AWS KMS (SSE-KMS). Setting this header
|
||||
// to true causes Amazon S3 to use an S3 Bucket Key for object encryption with
|
||||
// SSE-KMS.
|
||||
//
|
||||
// Specifying this header with a PUT operation doesn’t affect bucket-level
|
||||
// settings for S3 Bucket Key.
|
||||
BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"`
|
||||
|
||||
// Can be used to specify caching behavior along the request/reply chain. For
|
||||
// more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9
|
||||
// (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9).
|
||||
|
@ -73,15 +92,23 @@ type UploadInput struct {
|
|||
Expires *time.Time `location:"header" locationName:"Expires" type:"timestamp"`
|
||||
|
||||
// Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.
|
||||
//
|
||||
// This action is not supported by Amazon S3 on Outposts.
|
||||
GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"`
|
||||
|
||||
// Allows grantee to read the object data and its metadata.
|
||||
//
|
||||
// This action is not supported by Amazon S3 on Outposts.
|
||||
GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"`
|
||||
|
||||
// Allows grantee to read the object ACL.
|
||||
//
|
||||
// This action is not supported by Amazon S3 on Outposts.
|
||||
GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"`
|
||||
|
||||
// Allows grantee to write the ACL for the applicable object.
|
||||
//
|
||||
// This action is not supported by Amazon S3 on Outposts.
|
||||
GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"`
|
||||
|
||||
// Object key for which the PUT operation was initiated.
|
||||
|
@ -146,8 +173,12 @@ type UploadInput struct {
|
|||
// S3 (for example, AES256, aws:kms).
|
||||
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
|
||||
|
||||
// If you don't specify, S3 Standard is the default storage class. Amazon S3
|
||||
// supports other storage classes.
|
||||
// By default, Amazon S3 uses the STANDARD Storage Class to store newly created
|
||||
// objects. The STANDARD storage class provides high durability and high availability.
|
||||
// Depending on performance needs, you can specify a different Storage Class.
|
||||
// Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For more information,
|
||||
// see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html)
|
||||
// in the Amazon S3 Service Developer Guide.
|
||||
StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"`
|
||||
|
||||
// The tag-set for the object. The tag-set must be encoded as URL Query parameters.
|
||||
|
|
|
@ -8566,7 +8566,7 @@ func (c *SSM) GetParameterHistoryRequest(input *GetParameterHistoryInput) (req *
|
|||
|
||||
// GetParameterHistory API operation for Amazon Simple Systems Manager (SSM).
|
||||
//
|
||||
// Query a list of all parameters used by the AWS account.
|
||||
// Retrieves the history of all changes to a parameter.
|
||||
//
|
||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||
// with awserr.Error's Code and Message methods to get detailed information about
|
||||
|
@ -11426,7 +11426,25 @@ func (c *SSM) PutParameterRequest(input *PutParameterInput) (req *request.Reques
|
|||
// The request does not meet the regular expression requirement.
|
||||
//
|
||||
// * ParameterMaxVersionLimitExceeded
|
||||
// The parameter exceeded the maximum number of allowed versions.
|
||||
// Parameter Store retains the 100 most recently created versions of a parameter.
|
||||
// After this number of versions has been created, Parameter Store deletes the
|
||||
// oldest version when a new one is created. However, if the oldest version
|
||||
// has a label attached to it, Parameter Store will not delete the version and
|
||||
// instead presents this error message:
|
||||
//
|
||||
// An error occurred (ParameterMaxVersionLimitExceeded) when calling the PutParameter
|
||||
// operation: You attempted to create a new version of parameter-name by calling
|
||||
// the PutParameter API with the overwrite flag. Version version-number, the
|
||||
// oldest version, can't be deleted because it has a label associated with it.
|
||||
// Move the label to another version of the parameter, and try again.
|
||||
//
|
||||
// This safeguard is to prevent parameter versions with mission critical labels
|
||||
// assigned to them from being deleted. To continue creating new parameters,
|
||||
// first move the label from the oldest version of the parameter to a newer
|
||||
// one for use in your operations. For information about moving parameter labels,
|
||||
// see Move a parameter label (console) (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-labels.html#sysman-paramstore-labels-console-move)
|
||||
// or Move a parameter label (CLI) (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-labels.html#sysman-paramstore-labels-cli-move)
|
||||
// in the AWS Systems Manager User Guide.
|
||||
//
|
||||
// * ParameterPatternMismatchException
|
||||
// The parameter name is not valid.
|
||||
|
@ -12633,7 +12651,9 @@ func (c *SSM) StartSessionRequest(input *StartSessionInput) (req *request.Reques
|
|||
// The specified target instance for the session is not fully configured for
|
||||
// use with Session Manager. For more information, see Getting started with
|
||||
// Session Manager (https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started.html)
|
||||
// in the AWS Systems Manager User Guide.
|
||||
// in the AWS Systems Manager User Guide. This error is also returned if you
|
||||
// attempt to start a session on an instance that is located in a different
|
||||
// account or Region
|
||||
//
|
||||
// * InternalServerError
|
||||
// An error occurred on the server side.
|
||||
|
@ -15277,6 +15297,8 @@ type AssociationFilter struct {
|
|||
|
||||
// The name of the filter.
|
||||
//
|
||||
// InstanceId has been deprecated.
|
||||
//
|
||||
// Key is a required field
|
||||
Key *string `locationName:"key" type:"string" required:"true" enum:"AssociationFilterKey"`
|
||||
|
||||
|
@ -16276,7 +16298,7 @@ type AutomationExecutionFilter struct {
|
|||
|
||||
// One or more keys to limit the results. Valid filter keys include the following:
|
||||
// DocumentNamePrefix, ExecutionStatus, ExecutionId, ParentExecutionId, CurrentAction,
|
||||
// StartTimeBefore, StartTimeAfter.
|
||||
// StartTimeBefore, StartTimeAfter, TargetResourceGroup.
|
||||
//
|
||||
// Key is a required field
|
||||
Key *string `type:"string" required:"true" enum:"AutomationExecutionFilterKey"`
|
||||
|
@ -17769,7 +17791,8 @@ type ComplianceItem struct {
|
|||
// Critical, High, Medium, Low, Informational, Unspecified.
|
||||
Severity *string `type:"string" enum:"ComplianceSeverity"`
|
||||
|
||||
// The status of the compliance item. An item is either COMPLIANT or NON_COMPLIANT.
|
||||
// The status of the compliance item. An item is either COMPLIANT, NON_COMPLIANT,
|
||||
// or an empty string (for Windows patches that aren't applicable).
|
||||
Status *string `type:"string" enum:"ComplianceStatus"`
|
||||
|
||||
// A title for the compliance item. For example, if the compliance item is a
|
||||
|
@ -17859,8 +17882,7 @@ type ComplianceItemEntry struct {
|
|||
// Severity is a required field
|
||||
Severity *string `type:"string" required:"true" enum:"ComplianceSeverity"`
|
||||
|
||||
// The status of the compliance item. An item is either COMPLIANT, NON_COMPLIANT,
|
||||
// or an empty string (for Windows patches that aren't applicable).
|
||||
// The status of the compliance item. An item is either COMPLIANT or NON_COMPLIANT.
|
||||
//
|
||||
// Status is a required field
|
||||
Status *string `type:"string" required:"true" enum:"ComplianceStatus"`
|
||||
|
@ -28271,7 +28293,7 @@ type GetParameterHistoryInput struct {
|
|||
// results.
|
||||
MaxResults *int64 `min:"1" type:"integer"`
|
||||
|
||||
// The name of a parameter you want to query.
|
||||
// The name of the parameter for which you want to review history.
|
||||
//
|
||||
// Name is a required field
|
||||
Name *string `min:"1" type:"string" required:"true"`
|
||||
|
@ -29603,6 +29625,8 @@ type InstanceInformation struct {
|
|||
Name *string `type:"string"`
|
||||
|
||||
// Connection status of SSM Agent.
|
||||
//
|
||||
// The status Inactive has been deprecated and is no longer in use.
|
||||
PingStatus *string `type:"string" enum:"PingStatus"`
|
||||
|
||||
// The name of the operating system platform running on your instance.
|
||||
|
@ -33995,6 +34019,11 @@ type ListAssociationsInput struct {
|
|||
_ struct{} `type:"structure"`
|
||||
|
||||
// One or more filters. Use a filter to return a more specific list of results.
|
||||
//
|
||||
// Filtering associations using the InstanceID attribute only returns legacy
|
||||
// associations created using the InstanceID attribute. Associations targeting
|
||||
// the instance that are part of the Target Attributes ResourceGroup or Tags
|
||||
// are not returned.
|
||||
AssociationFilterList []*AssociationFilter `min:"1" type:"list"`
|
||||
|
||||
// The maximum number of items to return for this call. The call also returns
|
||||
|
@ -38175,7 +38204,25 @@ func (s *ParameterLimitExceeded) RequestID() string {
|
|||
return s.RespMetadata.RequestID
|
||||
}
|
||||
|
||||
// The parameter exceeded the maximum number of allowed versions.
|
||||
// Parameter Store retains the 100 most recently created versions of a parameter.
|
||||
// After this number of versions has been created, Parameter Store deletes the
|
||||
// oldest version when a new one is created. However, if the oldest version
|
||||
// has a label attached to it, Parameter Store will not delete the version and
|
||||
// instead presents this error message:
|
||||
//
|
||||
// An error occurred (ParameterMaxVersionLimitExceeded) when calling the PutParameter
|
||||
// operation: You attempted to create a new version of parameter-name by calling
|
||||
// the PutParameter API with the overwrite flag. Version version-number, the
|
||||
// oldest version, can't be deleted because it has a label associated with it.
|
||||
// Move the label to another version of the parameter, and try again.
|
||||
//
|
||||
// This safeguard is to prevent parameter versions with mission critical labels
|
||||
// assigned to them from being deleted. To continue creating new parameters,
|
||||
// first move the label from the oldest version of the parameter to a newer
|
||||
// one for use in your operations. For information about moving parameter labels,
|
||||
// see Move a parameter label (console) (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-labels.html#sysman-paramstore-labels-console-move)
|
||||
// or Move a parameter label (CLI) (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-labels.html#sysman-paramstore-labels-cli-move)
|
||||
// in the AWS Systems Manager User Guide.
|
||||
type ParameterMaxVersionLimitExceeded struct {
|
||||
_ struct{} `type:"structure"`
|
||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||
|
@ -38723,7 +38770,25 @@ func (s *ParametersFilter) SetValues(v []*string) *ParametersFilter {
|
|||
type Patch struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// The classification of the patch (for example, SecurityUpdates, Updates, CriticalUpdates).
|
||||
// The Advisory ID of the patch. For example, RHSA-2020:3779. Applies to Linux-based
|
||||
// instances only.
|
||||
AdvisoryIds []*string `type:"list"`
|
||||
|
||||
// The architecture of the patch. For example, in example-pkg-0.710.10-2.7.abcd.x86_64,
|
||||
// the architecture is indicated by x86_64. Applies to Linux-based instances
|
||||
// only.
|
||||
Arch *string `type:"string"`
|
||||
|
||||
// The Bugzilla ID of the patch. For example, 1600646. Applies to Linux-based
|
||||
// instances only.
|
||||
BugzillaIds []*string `type:"list"`
|
||||
|
||||
// The Common Vulnerabilities and Exposures (CVE) ID of the patch. For example,
|
||||
// CVE-1999-0067. Applies to Linux-based instances only.
|
||||
CVEIds []*string `type:"list"`
|
||||
|
||||
// The classification of the patch. For example, SecurityUpdates, Updates, or
|
||||
// CriticalUpdates.
|
||||
Classification *string `type:"string"`
|
||||
|
||||
// The URL where more information can be obtained about the patch.
|
||||
|
@ -38732,36 +38797,65 @@ type Patch struct {
|
|||
// The description of the patch.
|
||||
Description *string `type:"string"`
|
||||
|
||||
// The ID of the patch (this is different than the Microsoft Knowledge Base
|
||||
// ID).
|
||||
// The epoch of the patch. For example in pkg-example-EE-20180914-2.2.amzn1.noarch,
|
||||
// the epoch value is 20180914-2. Applies to Linux-based instances only.
|
||||
Epoch *int64 `type:"integer"`
|
||||
|
||||
// The ID of the patch. Applies to Windows patches only.
|
||||
//
|
||||
// This ID is not the same as the Microsoft Knowledge Base ID.
|
||||
Id *string `min:"1" type:"string"`
|
||||
|
||||
// The Microsoft Knowledge Base ID of the patch.
|
||||
// The Microsoft Knowledge Base ID of the patch. Applies to Windows patches
|
||||
// only.
|
||||
KbNumber *string `type:"string"`
|
||||
|
||||
// The language of the patch if it's language-specific.
|
||||
Language *string `type:"string"`
|
||||
|
||||
// The ID of the MSRC bulletin the patch is related to.
|
||||
// The ID of the Microsoft Security Response Center (MSRC) bulletin the patch
|
||||
// is related to. For example, MS14-045. Applies to Windows patches only.
|
||||
MsrcNumber *string `type:"string"`
|
||||
|
||||
// The severity of the patch (for example Critical, Important, Moderate).
|
||||
// The severity of the patch, such as Critical, Important, or Moderate. Applies
|
||||
// to Windows patches only.
|
||||
MsrcSeverity *string `type:"string"`
|
||||
|
||||
// The specific product the patch is applicable for (for example, WindowsServer2016).
|
||||
// The name of the patch. Applies to Linux-based instances only.
|
||||
Name *string `type:"string"`
|
||||
|
||||
// The specific product the patch is applicable for. For example, WindowsServer2016
|
||||
// or AmazonLinux2018.03.
|
||||
Product *string `type:"string"`
|
||||
|
||||
// The product family the patch is applicable for (for example, Windows).
|
||||
// The product family the patch is applicable for. For example, Windows or Amazon
|
||||
// Linux 2.
|
||||
ProductFamily *string `type:"string"`
|
||||
|
||||
// The particular release of a patch. For example, in pkg-example-EE-20180914-2.2.amzn1.noarch,
|
||||
// the release is 2.amaz1. Applies to Linux-based instances only.
|
||||
Release *string `type:"string"`
|
||||
|
||||
// The date the patch was released.
|
||||
ReleaseDate *time.Time `type:"timestamp"`
|
||||
|
||||
// The source patch repository for the operating system and version, such as
|
||||
// trusty-security for Ubuntu Server 14.04 LTE and focal-security for Ubuntu
|
||||
// Server 20.04 LTE. Applies to Linux-based instances only.
|
||||
Repository *string `type:"string"`
|
||||
|
||||
// The severity level of the patch. For example, CRITICAL or MODERATE.
|
||||
Severity *string `type:"string"`
|
||||
|
||||
// The title of the patch.
|
||||
Title *string `type:"string"`
|
||||
|
||||
// The name of the vendor providing the patch.
|
||||
Vendor *string `type:"string"`
|
||||
|
||||
// The version number of the patch. For example, in example-pkg-1.710.10-2.7.abcd.x86_64,
|
||||
// the version number is indicated by -1. Applies to Linux-based instances only.
|
||||
Version *string `type:"string"`
|
||||
}
|
||||
|
||||
// String returns the string representation
|
||||
|
@ -38774,6 +38868,30 @@ func (s Patch) GoString() string {
|
|||
return s.String()
|
||||
}
|
||||
|
||||
// SetAdvisoryIds sets the AdvisoryIds field's value.
|
||||
func (s *Patch) SetAdvisoryIds(v []*string) *Patch {
|
||||
s.AdvisoryIds = v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetArch sets the Arch field's value.
|
||||
func (s *Patch) SetArch(v string) *Patch {
|
||||
s.Arch = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetBugzillaIds sets the BugzillaIds field's value.
|
||||
func (s *Patch) SetBugzillaIds(v []*string) *Patch {
|
||||
s.BugzillaIds = v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetCVEIds sets the CVEIds field's value.
|
||||
func (s *Patch) SetCVEIds(v []*string) *Patch {
|
||||
s.CVEIds = v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetClassification sets the Classification field's value.
|
||||
func (s *Patch) SetClassification(v string) *Patch {
|
||||
s.Classification = &v
|
||||
|
@ -38792,6 +38910,12 @@ func (s *Patch) SetDescription(v string) *Patch {
|
|||
return s
|
||||
}
|
||||
|
||||
// SetEpoch sets the Epoch field's value.
|
||||
func (s *Patch) SetEpoch(v int64) *Patch {
|
||||
s.Epoch = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetId sets the Id field's value.
|
||||
func (s *Patch) SetId(v string) *Patch {
|
||||
s.Id = &v
|
||||
|
@ -38822,6 +38946,12 @@ func (s *Patch) SetMsrcSeverity(v string) *Patch {
|
|||
return s
|
||||
}
|
||||
|
||||
// SetName sets the Name field's value.
|
||||
func (s *Patch) SetName(v string) *Patch {
|
||||
s.Name = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetProduct sets the Product field's value.
|
||||
func (s *Patch) SetProduct(v string) *Patch {
|
||||
s.Product = &v
|
||||
|
@ -38834,12 +38964,30 @@ func (s *Patch) SetProductFamily(v string) *Patch {
|
|||
return s
|
||||
}
|
||||
|
||||
// SetRelease sets the Release field's value.
|
||||
func (s *Patch) SetRelease(v string) *Patch {
|
||||
s.Release = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetReleaseDate sets the ReleaseDate field's value.
|
||||
func (s *Patch) SetReleaseDate(v time.Time) *Patch {
|
||||
s.ReleaseDate = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetRepository sets the Repository field's value.
|
||||
func (s *Patch) SetRepository(v string) *Patch {
|
||||
s.Repository = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetSeverity sets the Severity field's value.
|
||||
func (s *Patch) SetSeverity(v string) *Patch {
|
||||
s.Severity = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetTitle sets the Title field's value.
|
||||
func (s *Patch) SetTitle(v string) *Patch {
|
||||
s.Title = &v
|
||||
|
@ -38852,6 +39000,12 @@ func (s *Patch) SetVendor(v string) *Patch {
|
|||
return s
|
||||
}
|
||||
|
||||
// SetVersion sets the Version field's value.
|
||||
func (s *Patch) SetVersion(v string) *Patch {
|
||||
s.Version = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// Defines the basic information about a patch baseline.
|
||||
type PatchBaselineIdentity struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
@ -38920,6 +39074,10 @@ func (s *PatchBaselineIdentity) SetOperatingSystem(v string) *PatchBaselineIdent
|
|||
type PatchComplianceData struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// The IDs of one or more Common Vulnerabilities and Exposure (CVE) issues that
|
||||
// are resolved by the patch.
|
||||
CVEIds *string `type:"string"`
|
||||
|
||||
// The classification of the patch (for example, SecurityUpdates, Updates, CriticalUpdates).
|
||||
//
|
||||
// Classification is a required field
|
||||
|
@ -38965,6 +39123,12 @@ func (s PatchComplianceData) GoString() string {
|
|||
return s.String()
|
||||
}
|
||||
|
||||
// SetCVEIds sets the CVEIds field's value.
|
||||
func (s *PatchComplianceData) SetCVEIds(v string) *PatchComplianceData {
|
||||
s.CVEIds = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetClassification sets the Classification field's value.
|
||||
func (s *PatchComplianceData) SetClassification(v string) *PatchComplianceData {
|
||||
s.Classification = &v
|
||||
|
@ -40044,8 +40208,7 @@ type PutParameterInput struct {
|
|||
|
||||
// The type of parameter that you want to add to the system.
|
||||
//
|
||||
// SecureString is not currently supported for AWS CloudFormation templates
|
||||
// or in the China Regions.
|
||||
// SecureString is not currently supported for AWS CloudFormation templates.
|
||||
//
|
||||
// Items in a StringList must be separated by a comma (,). You can't use other
|
||||
// punctuation or special character to escape items in the list. If you have
|
||||
|
@ -43025,6 +43188,8 @@ type SessionFilter struct {
|
|||
// with that status. Status values you can specify include: Connected Connecting
|
||||
// Disconnected Terminated Terminating Failed
|
||||
//
|
||||
// * SessionId: Specify a session ID to return details about the session.
|
||||
//
|
||||
// Value is a required field
|
||||
Value *string `locationName:"value" min:"1" type:"string" required:"true"`
|
||||
}
|
||||
|
@ -44356,7 +44521,9 @@ func (s *TargetLocation) SetTargetLocationMaxErrors(v string) *TargetLocation {
|
|||
// The specified target instance for the session is not fully configured for
|
||||
// use with Session Manager. For more information, see Getting started with
|
||||
// Session Manager (https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started.html)
|
||||
// in the AWS Systems Manager User Guide.
|
||||
// in the AWS Systems Manager User Guide. This error is also returned if you
|
||||
// attempt to start a session on an instance that is located in a different
|
||||
// account or Region
|
||||
type TargetNotConnected struct {
|
||||
_ struct{} `type:"structure"`
|
||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||
|
@ -47539,6 +47706,9 @@ const (
|
|||
|
||||
// AutomationExecutionFilterKeyTagKey is a AutomationExecutionFilterKey enum value
|
||||
AutomationExecutionFilterKeyTagKey = "TagKey"
|
||||
|
||||
// AutomationExecutionFilterKeyTargetResourceGroup is a AutomationExecutionFilterKey enum value
|
||||
AutomationExecutionFilterKeyTargetResourceGroup = "TargetResourceGroup"
|
||||
)
|
||||
|
||||
// AutomationExecutionFilterKey_Values returns all elements of the AutomationExecutionFilterKey enum
|
||||
|
@ -47553,6 +47723,7 @@ func AutomationExecutionFilterKey_Values() []string {
|
|||
AutomationExecutionFilterKeyStartTimeAfter,
|
||||
AutomationExecutionFilterKeyAutomationType,
|
||||
AutomationExecutionFilterKeyTagKey,
|
||||
AutomationExecutionFilterKeyTargetResourceGroup,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -48754,6 +48925,15 @@ func PatchDeploymentStatus_Values() []string {
|
|||
}
|
||||
|
||||
const (
|
||||
// PatchFilterKeyArch is a PatchFilterKey enum value
|
||||
PatchFilterKeyArch = "ARCH"
|
||||
|
||||
// PatchFilterKeyAdvisoryId is a PatchFilterKey enum value
|
||||
PatchFilterKeyAdvisoryId = "ADVISORY_ID"
|
||||
|
||||
// PatchFilterKeyBugzillaId is a PatchFilterKey enum value
|
||||
PatchFilterKeyBugzillaId = "BUGZILLA_ID"
|
||||
|
||||
// PatchFilterKeyPatchSet is a PatchFilterKey enum value
|
||||
PatchFilterKeyPatchSet = "PATCH_SET"
|
||||
|
||||
|
@ -48766,9 +48946,18 @@ const (
|
|||
// PatchFilterKeyClassification is a PatchFilterKey enum value
|
||||
PatchFilterKeyClassification = "CLASSIFICATION"
|
||||
|
||||
// PatchFilterKeyCveId is a PatchFilterKey enum value
|
||||
PatchFilterKeyCveId = "CVE_ID"
|
||||
|
||||
// PatchFilterKeyEpoch is a PatchFilterKey enum value
|
||||
PatchFilterKeyEpoch = "EPOCH"
|
||||
|
||||
// PatchFilterKeyMsrcSeverity is a PatchFilterKey enum value
|
||||
PatchFilterKeyMsrcSeverity = "MSRC_SEVERITY"
|
||||
|
||||
// PatchFilterKeyName is a PatchFilterKey enum value
|
||||
PatchFilterKeyName = "NAME"
|
||||
|
||||
// PatchFilterKeyPatchId is a PatchFilterKey enum value
|
||||
PatchFilterKeyPatchId = "PATCH_ID"
|
||||
|
||||
|
@ -48778,22 +48967,44 @@ const (
|
|||
// PatchFilterKeyPriority is a PatchFilterKey enum value
|
||||
PatchFilterKeyPriority = "PRIORITY"
|
||||
|
||||
// PatchFilterKeyRepository is a PatchFilterKey enum value
|
||||
PatchFilterKeyRepository = "REPOSITORY"
|
||||
|
||||
// PatchFilterKeyRelease is a PatchFilterKey enum value
|
||||
PatchFilterKeyRelease = "RELEASE"
|
||||
|
||||
// PatchFilterKeySeverity is a PatchFilterKey enum value
|
||||
PatchFilterKeySeverity = "SEVERITY"
|
||||
|
||||
// PatchFilterKeySecurity is a PatchFilterKey enum value
|
||||
PatchFilterKeySecurity = "SECURITY"
|
||||
|
||||
// PatchFilterKeyVersion is a PatchFilterKey enum value
|
||||
PatchFilterKeyVersion = "VERSION"
|
||||
)
|
||||
|
||||
// PatchFilterKey_Values returns all elements of the PatchFilterKey enum
|
||||
func PatchFilterKey_Values() []string {
|
||||
return []string{
|
||||
PatchFilterKeyArch,
|
||||
PatchFilterKeyAdvisoryId,
|
||||
PatchFilterKeyBugzillaId,
|
||||
PatchFilterKeyPatchSet,
|
||||
PatchFilterKeyProduct,
|
||||
PatchFilterKeyProductFamily,
|
||||
PatchFilterKeyClassification,
|
||||
PatchFilterKeyCveId,
|
||||
PatchFilterKeyEpoch,
|
||||
PatchFilterKeyMsrcSeverity,
|
||||
PatchFilterKeyName,
|
||||
PatchFilterKeyPatchId,
|
||||
PatchFilterKeySection,
|
||||
PatchFilterKeyPriority,
|
||||
PatchFilterKeyRepository,
|
||||
PatchFilterKeyRelease,
|
||||
PatchFilterKeySeverity,
|
||||
PatchFilterKeySecurity,
|
||||
PatchFilterKeyVersion,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -48992,6 +49203,9 @@ const (
|
|||
|
||||
// SessionFilterKeyStatus is a SessionFilterKey enum value
|
||||
SessionFilterKeyStatus = "Status"
|
||||
|
||||
// SessionFilterKeySessionId is a SessionFilterKey enum value
|
||||
SessionFilterKeySessionId = "SessionId"
|
||||
)
|
||||
|
||||
// SessionFilterKey_Values returns all elements of the SessionFilterKey enum
|
||||
|
@ -49002,6 +49216,7 @@ func SessionFilterKey_Values() []string {
|
|||
SessionFilterKeyTarget,
|
||||
SessionFilterKeyOwner,
|
||||
SessionFilterKeyStatus,
|
||||
SessionFilterKeySessionId,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -585,7 +585,25 @@ const (
|
|||
// ErrCodeParameterMaxVersionLimitExceeded for service response error code
|
||||
// "ParameterMaxVersionLimitExceeded".
|
||||
//
|
||||
// The parameter exceeded the maximum number of allowed versions.
|
||||
// Parameter Store retains the 100 most recently created versions of a parameter.
|
||||
// After this number of versions has been created, Parameter Store deletes the
|
||||
// oldest version when a new one is created. However, if the oldest version
|
||||
// has a label attached to it, Parameter Store will not delete the version and
|
||||
// instead presents this error message:
|
||||
//
|
||||
// An error occurred (ParameterMaxVersionLimitExceeded) when calling the PutParameter
|
||||
// operation: You attempted to create a new version of parameter-name by calling
|
||||
// the PutParameter API with the overwrite flag. Version version-number, the
|
||||
// oldest version, can't be deleted because it has a label associated with it.
|
||||
// Move the label to another version of the parameter, and try again.
|
||||
//
|
||||
// This safeguard is to prevent parameter versions with mission critical labels
|
||||
// assigned to them from being deleted. To continue creating new parameters,
|
||||
// first move the label from the oldest version of the parameter to a newer
|
||||
// one for use in your operations. For information about moving parameter labels,
|
||||
// see Move a parameter label (console) (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-labels.html#sysman-paramstore-labels-console-move)
|
||||
// or Move a parameter label (CLI) (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-labels.html#sysman-paramstore-labels-cli-move)
|
||||
// in the AWS Systems Manager User Guide.
|
||||
ErrCodeParameterMaxVersionLimitExceeded = "ParameterMaxVersionLimitExceeded"
|
||||
|
||||
// ErrCodeParameterNotFound for service response error code
|
||||
|
@ -701,7 +719,9 @@ const (
|
|||
// The specified target instance for the session is not fully configured for
|
||||
// use with Session Manager. For more information, see Getting started with
|
||||
// Session Manager (https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started.html)
|
||||
// in the AWS Systems Manager User Guide.
|
||||
// in the AWS Systems Manager User Guide. This error is also returned if you
|
||||
// attempt to start a session on an instance that is located in a different
|
||||
// account or Region
|
||||
ErrCodeTargetNotConnected = "TargetNotConnected"
|
||||
|
||||
// ErrCodeTooManyTagsError for service response error code
|
||||
|
|
|
@ -207,6 +207,10 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o
|
|||
// and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// * ErrCodeExpiredTokenException "ExpiredTokenException"
|
||||
// The web identity token that was passed is expired or is not valid. Get a
|
||||
// new identity token from the identity provider and then retry the request.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRole
|
||||
func (c *STS) AssumeRole(input *AssumeRoleInput) (*AssumeRoleOutput, error) {
|
||||
req, out := c.AssumeRoleRequest(input)
|
||||
|
@ -626,7 +630,7 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI
|
|||
// * Using Web Identity Federation API Operations for Mobile Apps (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual.html)
|
||||
// and Federation Through a Web-based Identity Provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity).
|
||||
//
|
||||
// * Web Identity Federation Playground (https://web-identity-federation-playground.s3.amazonaws.com/index.html).
|
||||
// * Web Identity Federation Playground (https://aws.amazon.com/blogs/aws/the-aws-web-identity-federation-playground/).
|
||||
// Walk through the process of authenticating through Login with Amazon,
|
||||
// Facebook, or Google, getting temporary security credentials, and then
|
||||
// using those credentials to make a request to AWS.
|
||||
|
@ -1788,7 +1792,7 @@ type AssumeRoleWithSAMLInput struct {
|
|||
// in the IAM User Guide.
|
||||
//
|
||||
// SAMLAssertion is a required field
|
||||
SAMLAssertion *string `min:"4" type:"string" required:"true" sensitive:"true"`
|
||||
SAMLAssertion *string `min:"4" type:"string" required:"true"`
|
||||
}
|
||||
|
||||
// String returns the string representation
|
||||
|
@ -2100,7 +2104,7 @@ type AssumeRoleWithWebIdentityInput struct {
|
|||
// the application makes an AssumeRoleWithWebIdentity call.
|
||||
//
|
||||
// WebIdentityToken is a required field
|
||||
WebIdentityToken *string `min:"4" type:"string" required:"true" sensitive:"true"`
|
||||
WebIdentityToken *string `min:"4" type:"string" required:"true"`
|
||||
}
|
||||
|
||||
// String returns the string representation
|
||||
|
|
|
@ -3,87 +3,11 @@
|
|||
// Package sts provides the client and types for making API
|
||||
// requests to AWS Security Token Service.
|
||||
//
|
||||
// The AWS Security Token Service (STS) is a web service that enables you to
|
||||
// request temporary, limited-privilege credentials for AWS Identity and Access
|
||||
// Management (IAM) users or for users that you authenticate (federated users).
|
||||
// This guide provides descriptions of the STS API. For more detailed information
|
||||
// about using this service, go to Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html).
|
||||
//
|
||||
// For information about setting up signatures and authorization through the
|
||||
// API, go to Signing AWS API Requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html)
|
||||
// in the AWS General Reference. For general information about the Query API,
|
||||
// go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
|
||||
// in Using IAM. For information about using security tokens with other AWS
|
||||
// products, go to AWS Services That Work with IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// If you're new to AWS and need additional technical information about a specific
|
||||
// AWS product, you can find the product's technical documentation at http://aws.amazon.com/documentation/
|
||||
// (http://aws.amazon.com/documentation/).
|
||||
//
|
||||
// Endpoints
|
||||
//
|
||||
// By default, AWS Security Token Service (STS) is available as a global service,
|
||||
// and all AWS STS requests go to a single endpoint at https://sts.amazonaws.com.
|
||||
// Global requests map to the US East (N. Virginia) region. AWS recommends using
|
||||
// Regional AWS STS endpoints instead of the global endpoint to reduce latency,
|
||||
// build in redundancy, and increase session token validity. For more information,
|
||||
// see Managing AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// Most AWS Regions are enabled for operations in all AWS services by default.
|
||||
// Those Regions are automatically activated for use with AWS STS. Some Regions,
|
||||
// such as Asia Pacific (Hong Kong), must be manually enabled. To learn more
|
||||
// about enabling and disabling AWS Regions, see Managing AWS Regions (https://docs.aws.amazon.com/general/latest/gr/rande-manage.html)
|
||||
// in the AWS General Reference. When you enable these AWS Regions, they are
|
||||
// automatically activated for use with AWS STS. You cannot activate the STS
|
||||
// endpoint for a Region that is disabled. Tokens that are valid in all AWS
|
||||
// Regions are longer than tokens that are valid in Regions that are enabled
|
||||
// by default. Changing this setting might affect existing systems where you
|
||||
// temporarily store tokens. For more information, see Managing Global Endpoint
|
||||
// Session Tokens (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html#sts-regions-manage-tokens)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// After you activate a Region for use with AWS STS, you can direct AWS STS
|
||||
// API calls to that Region. AWS STS recommends that you provide both the Region
|
||||
// and endpoint when you make calls to a Regional endpoint. You can provide
|
||||
// the Region alone for manually enabled Regions, such as Asia Pacific (Hong
|
||||
// Kong). In this case, the calls are directed to the STS Regional endpoint.
|
||||
// However, if you provide the Region alone for Regions enabled by default,
|
||||
// the calls are directed to the global endpoint of https://sts.amazonaws.com.
|
||||
//
|
||||
// To view the list of AWS STS endpoints and whether they are active by default,
|
||||
// see Writing Code to Use AWS STS Regions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html#id_credentials_temp_enable-regions_writing_code)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// Recording API requests
|
||||
//
|
||||
// STS supports AWS CloudTrail, which is a service that records AWS calls for
|
||||
// your AWS account and delivers log files to an Amazon S3 bucket. By using
|
||||
// information collected by CloudTrail, you can determine what requests were
|
||||
// successfully made to STS, who made the request, when it was made, and so
|
||||
// on.
|
||||
//
|
||||
// If you activate AWS STS endpoints in Regions other than the default global
|
||||
// endpoint, then you must also turn on CloudTrail logging in those Regions.
|
||||
// This is necessary to record any AWS STS API calls that are made in those
|
||||
// Regions. For more information, see Turning On CloudTrail in Additional Regions
|
||||
// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/aggregating_logs_regions_turn_on_ct.html)
|
||||
// in the AWS CloudTrail User Guide.
|
||||
//
|
||||
// AWS Security Token Service (STS) is a global service with a single endpoint
|
||||
// at https://sts.amazonaws.com. Calls to this endpoint are logged as calls
|
||||
// to a global service. However, because this endpoint is physically located
|
||||
// in the US East (N. Virginia) Region, your logs list us-east-1 as the event
|
||||
// Region. CloudTrail does not write these logs to the US East (Ohio) Region
|
||||
// unless you choose to include global service logs in that Region. CloudTrail
|
||||
// writes calls to all Regional endpoints to their respective Regions. For example,
|
||||
// calls to sts.us-east-2.amazonaws.com are published to the US East (Ohio)
|
||||
// Region and calls to sts.eu-central-1.amazonaws.com are published to the EU
|
||||
// (Frankfurt) Region.
|
||||
//
|
||||
// To learn more about CloudTrail, including how to turn it on and find your
|
||||
// log files, see the AWS CloudTrail User Guide (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html).
|
||||
// AWS Security Token Service (STS) enables you to request temporary, limited-privilege
|
||||
// credentials for AWS Identity and Access Management (IAM) users or for users
|
||||
// that you authenticate (federated users). This guide provides descriptions
|
||||
// of the STS API. For more information about using this service, see Temporary
|
||||
// Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html).
|
||||
//
|
||||
// See https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15 for more information on this service.
|
||||
//
|
||||
|
|
|
@ -12,6 +12,17 @@ go:
|
|||
- 1.11.x
|
||||
- 1.12.x
|
||||
- 1.13.x
|
||||
- 1.14.x
|
||||
- 1.15.x
|
||||
- tip
|
||||
|
||||
install: go get -v -t ./...
|
||||
script: make test
|
||||
allow_failures:
|
||||
- go: tip
|
||||
|
||||
script: make build
|
||||
|
||||
matrix:
|
||||
include:
|
||||
- language: go
|
||||
go: 1.15.x
|
||||
script: make test
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
|
||||
CMD = jpgo
|
||||
|
||||
SRC_PKGS=./ ./cmd/... ./fuzz/...
|
||||
|
||||
help:
|
||||
@echo "Please use \`make <target>' where <target> is one of"
|
||||
@echo " test to run all the tests"
|
||||
|
@ -9,21 +11,22 @@ help:
|
|||
|
||||
|
||||
generate:
|
||||
go generate ./...
|
||||
go generate ${SRC_PKGS}
|
||||
|
||||
build:
|
||||
rm -f $(CMD)
|
||||
go build ./...
|
||||
go build ${SRC_PKGS}
|
||||
rm -f cmd/$(CMD)/$(CMD) && cd cmd/$(CMD)/ && go build ./...
|
||||
mv cmd/$(CMD)/$(CMD) .
|
||||
|
||||
test:
|
||||
go test -v ./...
|
||||
test: test-internal-testify
|
||||
echo "making tests ${SRC_PKGS}"
|
||||
go test -v ${SRC_PKGS}
|
||||
|
||||
check:
|
||||
go vet ./...
|
||||
@echo "golint ./..."
|
||||
@lint=`golint ./...`; \
|
||||
go vet ${SRC_PKGS}
|
||||
@echo "golint ${SRC_PKGS}"
|
||||
@lint=`golint ${SRC_PKGS}`; \
|
||||
lint=`echo "$$lint" | grep -v "astnodetype_string.go" | grep -v "toktype_string.go"`; \
|
||||
echo "$$lint"; \
|
||||
if [ "$$lint" != "" ]; then exit 1; fi
|
||||
|
@ -42,3 +45,7 @@ bench:
|
|||
|
||||
pprof-cpu:
|
||||
go tool pprof ./go-jmespath.test ./cpu.out
|
||||
|
||||
test-internal-testify:
|
||||
cd internal/testify && go test ./...
|
||||
|
||||
|
|
|
@ -2,4 +2,4 @@ module github.com/jmespath/go-jmespath
|
|||
|
||||
go 1.14
|
||||
|
||||
require github.com/stretchr/testify v1.5.1
|
||||
require github.com/jmespath/go-jmespath/internal/testify v1.5.1
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
|
||||
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
|
||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
|
||||
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
|
||||
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
|
||||
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
|
|
|
@ -728,7 +728,13 @@ func inHeadNoscriptIM(p *parser) bool {
|
|||
return inBodyIM(p)
|
||||
case a.Basefont, a.Bgsound, a.Link, a.Meta, a.Noframes, a.Style:
|
||||
return inHeadIM(p)
|
||||
case a.Head, a.Noscript:
|
||||
case a.Head:
|
||||
// Ignore the token.
|
||||
return true
|
||||
case a.Noscript:
|
||||
// Don't let the tokenizer go into raw text mode even when a <noscript>
|
||||
// tag is in "in head noscript" insertion mode.
|
||||
p.tokenizer.NextIsNotRawText()
|
||||
// Ignore the token.
|
||||
return true
|
||||
}
|
||||
|
@ -1790,6 +1796,13 @@ func inSelectIM(p *parser) bool {
|
|||
return true
|
||||
case a.Script, a.Template:
|
||||
return inHeadIM(p)
|
||||
case a.Iframe, a.Noembed, a.Noframes, a.Noscript, a.Plaintext, a.Style, a.Title, a.Xmp:
|
||||
// Don't let the tokenizer go into raw text mode when there are raw tags
|
||||
// to be ignored. These tags should be ignored from the tokenizer
|
||||
// properly.
|
||||
p.tokenizer.NextIsNotRawText()
|
||||
// Ignore the token.
|
||||
return true
|
||||
}
|
||||
case EndTagToken:
|
||||
switch p.tok.DataAtom {
|
||||
|
|
|
@ -154,12 +154,21 @@ func (t *Transport) pingTimeout() time.Duration {
|
|||
|
||||
// ConfigureTransport configures a net/http HTTP/1 Transport to use HTTP/2.
|
||||
// It returns an error if t1 has already been HTTP/2-enabled.
|
||||
//
|
||||
// Use ConfigureTransports instead to configure the HTTP/2 Transport.
|
||||
func ConfigureTransport(t1 *http.Transport) error {
|
||||
_, err := configureTransport(t1)
|
||||
_, err := ConfigureTransports(t1)
|
||||
return err
|
||||
}
|
||||
|
||||
func configureTransport(t1 *http.Transport) (*Transport, error) {
|
||||
// ConfigureTransports configures a net/http HTTP/1 Transport to use HTTP/2.
|
||||
// It returns a new HTTP/2 Transport for further configuration.
|
||||
// It returns an error if t1 has already been HTTP/2-enabled.
|
||||
func ConfigureTransports(t1 *http.Transport) (*Transport, error) {
|
||||
return configureTransports(t1)
|
||||
}
|
||||
|
||||
func configureTransports(t1 *http.Transport) (*Transport, error) {
|
||||
connPool := new(clientConnPool)
|
||||
t2 := &Transport{
|
||||
ConnPool: noDialClientConnPool{connPool},
|
||||
|
@ -1139,6 +1148,9 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
|
|||
// we can keep it.
|
||||
bodyWriter.cancel()
|
||||
cs.abortRequestBodyWrite(errStopReqBodyWrite)
|
||||
if hasBody && !bodyWritten {
|
||||
<-bodyWriter.resc
|
||||
}
|
||||
}
|
||||
if re.err != nil {
|
||||
cc.forgetStreamID(cs.ID)
|
||||
|
@ -1159,6 +1171,7 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
|
|||
} else {
|
||||
bodyWriter.cancel()
|
||||
cs.abortRequestBodyWrite(errStopReqBodyWriteAndCancel)
|
||||
<-bodyWriter.resc
|
||||
}
|
||||
cc.forgetStreamID(cs.ID)
|
||||
return nil, cs.getStartedWrite(), errTimeout
|
||||
|
@ -1168,6 +1181,7 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
|
|||
} else {
|
||||
bodyWriter.cancel()
|
||||
cs.abortRequestBodyWrite(errStopReqBodyWriteAndCancel)
|
||||
<-bodyWriter.resc
|
||||
}
|
||||
cc.forgetStreamID(cs.ID)
|
||||
return nil, cs.getStartedWrite(), ctx.Err()
|
||||
|
@ -1177,6 +1191,7 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
|
|||
} else {
|
||||
bodyWriter.cancel()
|
||||
cs.abortRequestBodyWrite(errStopReqBodyWriteAndCancel)
|
||||
<-bodyWriter.resc
|
||||
}
|
||||
cc.forgetStreamID(cs.ID)
|
||||
return nil, cs.getStartedWrite(), errRequestCanceled
|
||||
|
@ -1186,6 +1201,7 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
|
|||
// forgetStreamID.
|
||||
return nil, cs.getStartedWrite(), cs.resetErr
|
||||
case err := <-bodyWriter.resc:
|
||||
bodyWritten = true
|
||||
// Prefer the read loop's response, if available. Issue 16102.
|
||||
select {
|
||||
case re := <-readLoopResCh:
|
||||
|
@ -1196,7 +1212,6 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
|
|||
cc.forgetStreamID(cs.ID)
|
||||
return nil, cs.getStartedWrite(), err
|
||||
}
|
||||
bodyWritten = true
|
||||
if d := cc.responseHeaderTimeout(); d != 0 {
|
||||
timer := time.NewTimer(d)
|
||||
defer timer.Stop()
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
|
||||
|
||||
// +build go1.14
|
||||
// +build go1.14,!go1.16
|
||||
|
||||
package idna
|
||||
|
File diff suppressed because it is too large
Load Diff
|
@ -102,7 +102,7 @@ github.com/approvals/go-approval-tests/utils
|
|||
github.com/armon/go-metrics
|
||||
# github.com/armon/go-radix v1.0.0
|
||||
github.com/armon/go-radix
|
||||
# github.com/aws/aws-sdk-go v1.34.26
|
||||
# github.com/aws/aws-sdk-go v1.36.0
|
||||
github.com/aws/aws-sdk-go/aws
|
||||
github.com/aws/aws-sdk-go/aws/arn
|
||||
github.com/aws/aws-sdk-go/aws/awserr
|
||||
|
@ -124,7 +124,9 @@ github.com/aws/aws-sdk-go/aws/session
|
|||
github.com/aws/aws-sdk-go/aws/signer/v4
|
||||
github.com/aws/aws-sdk-go/internal/context
|
||||
github.com/aws/aws-sdk-go/internal/ini
|
||||
github.com/aws/aws-sdk-go/internal/s3err
|
||||
github.com/aws/aws-sdk-go/internal/s3shared
|
||||
github.com/aws/aws-sdk-go/internal/s3shared/arn
|
||||
github.com/aws/aws-sdk-go/internal/s3shared/s3err
|
||||
github.com/aws/aws-sdk-go/internal/sdkio
|
||||
github.com/aws/aws-sdk-go/internal/sdkmath
|
||||
github.com/aws/aws-sdk-go/internal/sdkrand
|
||||
|
@ -149,7 +151,6 @@ github.com/aws/aws-sdk-go/service/ec2/ec2iface
|
|||
github.com/aws/aws-sdk-go/service/ecr
|
||||
github.com/aws/aws-sdk-go/service/iam
|
||||
github.com/aws/aws-sdk-go/service/s3
|
||||
github.com/aws/aws-sdk-go/service/s3/internal/arn
|
||||
github.com/aws/aws-sdk-go/service/s3/s3iface
|
||||
github.com/aws/aws-sdk-go/service/s3/s3manager
|
||||
github.com/aws/aws-sdk-go/service/secretsmanager
|
||||
|
@ -391,7 +392,7 @@ github.com/jdcloud-api/jdcloud-sdk-go/services/vpc/client
|
|||
github.com/jdcloud-api/jdcloud-sdk-go/services/vpc/models
|
||||
# github.com/jehiah/go-strftime v0.0.0-20171201141054-1d33003b3869
|
||||
github.com/jehiah/go-strftime
|
||||
# github.com/jmespath/go-jmespath v0.3.0
|
||||
# github.com/jmespath/go-jmespath v0.4.0
|
||||
github.com/jmespath/go-jmespath
|
||||
# github.com/joyent/triton-go v0.0.0-20180628001255-830d2b111e62
|
||||
github.com/joyent/triton-go
|
||||
|
@ -708,7 +709,7 @@ golang.org/x/mobile/event/key
|
|||
# golang.org/x/mod v0.3.0
|
||||
golang.org/x/mod/module
|
||||
golang.org/x/mod/semver
|
||||
# golang.org/x/net v0.0.0-20201021035429-f5854403a974
|
||||
# golang.org/x/net v0.0.0-20201110031124-69a78807bb2b
|
||||
golang.org/x/net/context
|
||||
golang.org/x/net/context/ctxhttp
|
||||
golang.org/x/net/html
|
||||
|
|
|
@ -23,12 +23,17 @@
|
|||
|
||||
- `snapshot_id` (string) - The ID of the snapshot.
|
||||
|
||||
- `throughput` (int64) - The throughput for gp3 volumes, only valid for gp3 types
|
||||
See the documentation on
|
||||
[Throughput](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html)
|
||||
for more information
|
||||
|
||||
- `virtual_name` (string) - The virtual device name. See the documentation on Block Device Mapping
|
||||
for more information.
|
||||
|
||||
- `volume_type` (string) - The volume type. gp2 for General Purpose (SSD) volumes, io1 for
|
||||
Provisioned IOPS (SSD) volumes, st1 for Throughput Optimized HDD, sc1
|
||||
for Cold HDD, and standard for Magnetic volumes.
|
||||
- `volume_type` (string) - The volume type. gp2 & gp3 for General Purpose (SSD) volumes, io1 & io2
|
||||
for Provisioned IOPS (SSD) volumes, st1 for Throughput Optimized HDD,
|
||||
sc1 for Cold HDD, and standard for Magnetic volumes.
|
||||
|
||||
- `volume_size` (int64) - The size of the volume, in GiB. Required if not specifying a
|
||||
snapshot_id.
|
||||
|
|
Loading…
Reference in New Issue