Merge pull request #9981 from hashicorp/assume_role
Implement assume_role for Packer.
This commit is contained in:
commit
e41100290e
|
@ -41,7 +41,9 @@ type FlatConfig struct {
|
|||
SnapshotUsers []string `mapstructure:"snapshot_users" required:"false" cty:"snapshot_users" hcl:"snapshot_users"`
|
||||
SnapshotGroups []string `mapstructure:"snapshot_groups" required:"false" cty:"snapshot_groups" hcl:"snapshot_groups"`
|
||||
AccessKey *string `mapstructure:"access_key" required:"true" cty:"access_key" hcl:"access_key"`
|
||||
AssumeRole *common.FlatAssumeRoleConfig `mapstructure:"assume_role" required:"false" cty:"assume_role" hcl:"assume_role"`
|
||||
CustomEndpointEc2 *string `mapstructure:"custom_endpoint_ec2" required:"false" cty:"custom_endpoint_ec2" hcl:"custom_endpoint_ec2"`
|
||||
CredsFilename *string `mapstructure:"shared_credentials_file" required:"false" cty:"shared_credentials_file" hcl:"shared_credentials_file"`
|
||||
DecodeAuthZMessages *bool `mapstructure:"decode_authorization_messages" required:"false" cty:"decode_authorization_messages" hcl:"decode_authorization_messages"`
|
||||
InsecureSkipTLSVerify *bool `mapstructure:"insecure_skip_tls_verify" required:"false" cty:"insecure_skip_tls_verify" hcl:"insecure_skip_tls_verify"`
|
||||
MaxRetries *int `mapstructure:"max_retries" required:"false" cty:"max_retries" hcl:"max_retries"`
|
||||
|
@ -117,7 +119,9 @@ func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec {
|
|||
"snapshot_users": &hcldec.AttrSpec{Name: "snapshot_users", Type: cty.List(cty.String), Required: false},
|
||||
"snapshot_groups": &hcldec.AttrSpec{Name: "snapshot_groups", Type: cty.List(cty.String), Required: false},
|
||||
"access_key": &hcldec.AttrSpec{Name: "access_key", Type: cty.String, Required: false},
|
||||
"assume_role": &hcldec.BlockSpec{TypeName: "assume_role", Nested: hcldec.ObjectSpec((*common.FlatAssumeRoleConfig)(nil).HCL2Spec())},
|
||||
"custom_endpoint_ec2": &hcldec.AttrSpec{Name: "custom_endpoint_ec2", Type: cty.String, Required: false},
|
||||
"shared_credentials_file": &hcldec.AttrSpec{Name: "shared_credentials_file", Type: cty.String, Required: false},
|
||||
"decode_authorization_messages": &hcldec.AttrSpec{Name: "decode_authorization_messages", Type: cty.Bool, Required: false},
|
||||
"insecure_skip_tls_verify": &hcldec.AttrSpec{Name: "insecure_skip_tls_verify", Type: cty.Bool, Required: false},
|
||||
"max_retries": &hcldec.AttrSpec{Name: "max_retries", Type: cty.Number, Required: false},
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
//go:generate struct-markdown
|
||||
//go:generate mapstructure-to-hcl2 -type VaultAWSEngineOptions
|
||||
//go:generate mapstructure-to-hcl2 -type VaultAWSEngineOptions,AssumeRoleConfig
|
||||
|
||||
package common
|
||||
|
||||
|
@ -9,17 +9,72 @@ import (
|
|||
"log"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
awsCredentials "github.com/aws/aws-sdk-go/aws/credentials"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
|
||||
"github.com/aws/aws-sdk-go/aws/session"
|
||||
"github.com/aws/aws-sdk-go/service/ec2"
|
||||
"github.com/aws/aws-sdk-go/service/ec2/ec2iface"
|
||||
"github.com/aws/aws-sdk-go/service/sts"
|
||||
cleanhttp "github.com/hashicorp/go-cleanhttp"
|
||||
"github.com/hashicorp/packer/template/interpolate"
|
||||
vaultapi "github.com/hashicorp/vault/api"
|
||||
homedir "github.com/mitchellh/go-homedir"
|
||||
)
|
||||
|
||||
// AssumeRoleConfig lets users set configuration options for assuming a special
|
||||
// role when executing Packer.
|
||||
//
|
||||
// Usage example:
|
||||
//
|
||||
// HCL config example:
|
||||
//
|
||||
// ```HCL
|
||||
// source "example" "amazon-ebs"{
|
||||
// assume_role {
|
||||
// role_arn = "arn:aws:iam::ACCOUNT_ID:role/ROLE_NAME"
|
||||
// session_name = "SESSION_NAME"
|
||||
// external_id = "EXTERNAL_ID"
|
||||
// }
|
||||
// }
|
||||
// ```
|
||||
//
|
||||
// JSON config example:
|
||||
//
|
||||
// ```json
|
||||
// builder{
|
||||
// "type": "amazon-ebs",
|
||||
// "assume_role": {
|
||||
// "role_arn" : "arn:aws:iam::ACCOUNT_ID:role/ROLE_NAME",
|
||||
// "session_name": "SESSION_NAME",
|
||||
// "external_id" : "EXTERNAL_ID"
|
||||
// }
|
||||
// }
|
||||
// ```
|
||||
type AssumeRoleConfig struct {
|
||||
// Amazon Resource Name (ARN) of the IAM Role to assume.
|
||||
AssumeRoleARN string `mapstructure:"role_arn" required:"false"`
|
||||
// Number of seconds to restrict the assume role session duration.
|
||||
AssumeRoleDurationSeconds int `mapstructure:"duration_seconds" required:"false"`
|
||||
// The external ID to use when assuming the role. If omitted, no external
|
||||
// ID is passed to the AssumeRole call.
|
||||
AssumeRoleExternalID string `mapstructure:"external_id" required:"false"`
|
||||
// IAM Policy JSON describing further restricting permissions for the IAM
|
||||
// Role being assumed.
|
||||
AssumeRolePolicy string `mapstructure:"policy" required:"false"`
|
||||
// Set of Amazon Resource Names (ARNs) of IAM Policies describing further
|
||||
// restricting permissions for the IAM Role being
|
||||
AssumeRolePolicyARNs []string `mapstructure:"policy_arns" required:"false"`
|
||||
// Session name to use when assuming the role.
|
||||
AssumeRoleSessionName string `mapstructure:"session_name" required:"false"`
|
||||
// Map of assume role session tags.
|
||||
AssumeRoleTags map[string]string `mapstructure:"tags" required:"false"`
|
||||
// Set of assume role session tag keys to pass to any subsequent sessions.
|
||||
AssumeRoleTransitiveTagKeys []string `mapstructure:"transitive_tag_keys" required:"false"`
|
||||
}
|
||||
|
||||
type VaultAWSEngineOptions struct {
|
||||
Name string `mapstructure:"name"`
|
||||
RoleARN string `mapstructure:"role_arn"`
|
||||
|
@ -48,10 +103,17 @@ type AccessConfig struct {
|
|||
// is not required if you are using `use_vault_aws_engine` for
|
||||
// authentication instead.
|
||||
AccessKey string `mapstructure:"access_key" required:"true"`
|
||||
// If provided with a role ARN, Packer will attempt to assume this role
|
||||
// using the supplied credentials. See
|
||||
// [AssumeRoleConfig](#assume-role-configuration) below for more
|
||||
// details on all of the options available, and for a usage example.
|
||||
AssumeRole AssumeRoleConfig `mapstructure:"assume_role" required:"false"`
|
||||
// This option is useful if you use a cloud
|
||||
// provider whose API is compatible with aws EC2. Specify another endpoint
|
||||
// like this https://ec2.custom.endpoint.com.
|
||||
CustomEndpointEc2 string `mapstructure:"custom_endpoint_ec2" required:"false"`
|
||||
// Path to a credentials file to load credentials from
|
||||
CredsFilename string `mapstructure:"shared_credentials_file" required:"false"`
|
||||
// Enable automatic decoding of any encoded authorization (error) messages
|
||||
// using the `sts:DecodeAuthorizationMessage` API. Note: requires that the
|
||||
// effective user/role have permissions to `sts:DecodeAuthorizationMessage`
|
||||
|
@ -152,16 +214,13 @@ func (c *AccessConfig) Session() (*session.Session, error) {
|
|||
return c.session, nil
|
||||
}
|
||||
|
||||
// Create new AWS config
|
||||
config := aws.NewConfig().WithCredentialsChainVerboseErrors(true)
|
||||
if c.MaxRetries > 0 {
|
||||
config = config.WithMaxRetries(c.MaxRetries)
|
||||
}
|
||||
|
||||
staticCreds := credentials.NewStaticCredentials(c.AccessKey, c.SecretKey, c.Token)
|
||||
if _, err := staticCreds.Get(); err != credentials.ErrStaticCredentialsEmpty {
|
||||
config.WithCredentials(staticCreds)
|
||||
}
|
||||
|
||||
// Set AWS config defaults.
|
||||
if c.RawRegion != "" {
|
||||
config = config.WithRegion(c.RawRegion)
|
||||
}
|
||||
|
@ -179,6 +238,16 @@ func (c *AccessConfig) Session() (*session.Session, error) {
|
|||
}
|
||||
transport.Proxy = http.ProxyFromEnvironment
|
||||
|
||||
// Figure out which possible credential providers are valid; test that we
|
||||
// can get credentials via the selected providers, and set the providers in
|
||||
// the config.
|
||||
creds, err := c.GetCredentials(config)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
config.WithCredentials(creds)
|
||||
|
||||
// Create session options based on our AWS config
|
||||
opts := session.Options{
|
||||
SharedConfigState: session.SharedConfigEnable,
|
||||
Config: *config,
|
||||
|
@ -204,9 +273,7 @@ func (c *AccessConfig) Session() (*session.Session, error) {
|
|||
cp, err := c.session.Config.Credentials.Get()
|
||||
|
||||
if IsAWSErr(err, "NoCredentialProviders", "") {
|
||||
return nil, fmt.Errorf("No valid credential sources found for AWS Builder. " +
|
||||
"Please see https://www.packer.io/docs/builders/amazon#specifying-amazon-credentials " +
|
||||
"for more information on providing credentials for the AWS Builder.")
|
||||
return nil, c.NewNoValidCredentialSourcesError(err)
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
|
@ -237,6 +304,176 @@ func (c *AccessConfig) IsChinaCloud() bool {
|
|||
return strings.HasPrefix(c.SessionRegion(), "cn-")
|
||||
}
|
||||
|
||||
// GetCredentials gets credentials from the environment, shared credentials,
|
||||
// the session (which may include a credential process), or ECS/EC2 metadata
|
||||
// endpoints. GetCredentials also validates the credentials and the ability to
|
||||
// assume a role or will return an error if unsuccessful.
|
||||
func (c *AccessConfig) GetCredentials(config *aws.Config) (*awsCredentials.Credentials, error) {
|
||||
|
||||
sharedCredentialsFilename, err := homedir.Expand(c.CredsFilename)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error expanding shared credentials filename: %w", err)
|
||||
}
|
||||
|
||||
// Create a credentials chain that tries to load credentials from various
|
||||
// common sources: config vars, then local profiles.
|
||||
// Rather than using the default credentials chain, build a chain provider,
|
||||
// lazy-evaluated by aws-sdk
|
||||
providers := []awsCredentials.Provider{
|
||||
// Tries to set new credentials object using the given
|
||||
// access_key/secret_key/token. If they are not set, this will fail
|
||||
// over to the other credentials providers
|
||||
&awsCredentials.StaticProvider{Value: awsCredentials.Value{
|
||||
AccessKeyID: c.AccessKey,
|
||||
SecretAccessKey: c.SecretKey,
|
||||
SessionToken: c.Token,
|
||||
}},
|
||||
// Tries to load credentials from environment.
|
||||
&awsCredentials.EnvProvider{},
|
||||
// Tries to load credentials from local file.
|
||||
// If sharedCredentialsFilename is empty, the AWS sdk will use the
|
||||
// environment var AWS_SHARED_CREDENTIALS_FILE to determine the file
|
||||
// location, and if that's not set, AWS will use the default locations
|
||||
// of:
|
||||
// - Linux/Unix: $HOME/.aws/credentials
|
||||
// - Windows: %USERPROFILE%\.aws\credentials
|
||||
&awsCredentials.SharedCredentialsProvider{
|
||||
Filename: sharedCredentialsFilename,
|
||||
Profile: c.ProfileName,
|
||||
},
|
||||
}
|
||||
|
||||
// Validate the credentials before returning them
|
||||
creds := awsCredentials.NewChainCredentials(providers)
|
||||
cp, err := creds.Get()
|
||||
if err != nil {
|
||||
if IsAWSErr(err, "NoCredentialProviders", "") {
|
||||
creds, err = c.GetCredentialsFromSession()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
return nil, fmt.Errorf("Error loading credentials for AWS Provider: %w", err)
|
||||
}
|
||||
|
||||
log.Printf("[INFO] AWS Auth provider used: %q", cp.ProviderName)
|
||||
|
||||
// In the "normal" flow (i.e. not assuming a role), we return here.
|
||||
if c.AssumeRole.AssumeRoleARN == "" {
|
||||
return creds, nil
|
||||
}
|
||||
|
||||
// create a config for the assume role session based off the config we
|
||||
// created for our main sessions
|
||||
assumeRoleAWSConfig := config.Copy()
|
||||
assumeRoleAWSConfig.CredentialsChainVerboseErrors = aws.Bool(true)
|
||||
|
||||
assumeRoleSession, err := session.NewSession(assumeRoleAWSConfig)
|
||||
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error creating assume role session: %w", err)
|
||||
}
|
||||
|
||||
stsclient := sts.New(assumeRoleSession)
|
||||
assumeRoleProvider := &stscreds.AssumeRoleProvider{
|
||||
Client: stsclient,
|
||||
RoleARN: c.AssumeRole.AssumeRoleARN,
|
||||
}
|
||||
|
||||
if c.AssumeRole.AssumeRoleDurationSeconds > 0 {
|
||||
assumeRoleProvider.Duration = time.Duration(c.AssumeRole.AssumeRoleDurationSeconds) * time.Second
|
||||
}
|
||||
|
||||
if c.AssumeRole.AssumeRoleExternalID != "" {
|
||||
assumeRoleProvider.ExternalID = aws.String(c.AssumeRole.AssumeRoleExternalID)
|
||||
}
|
||||
|
||||
if c.AssumeRole.AssumeRolePolicy != "" {
|
||||
assumeRoleProvider.Policy = aws.String(c.AssumeRole.AssumeRolePolicy)
|
||||
}
|
||||
|
||||
if len(c.AssumeRole.AssumeRolePolicyARNs) > 0 {
|
||||
var policyDescriptorTypes []*sts.PolicyDescriptorType
|
||||
|
||||
for _, policyARN := range c.AssumeRole.AssumeRolePolicyARNs {
|
||||
policyDescriptorType := &sts.PolicyDescriptorType{
|
||||
Arn: aws.String(policyARN),
|
||||
}
|
||||
policyDescriptorTypes = append(policyDescriptorTypes, policyDescriptorType)
|
||||
}
|
||||
|
||||
assumeRoleProvider.PolicyArns = policyDescriptorTypes
|
||||
}
|
||||
|
||||
if c.AssumeRole.AssumeRoleSessionName != "" {
|
||||
assumeRoleProvider.RoleSessionName = c.AssumeRole.AssumeRoleSessionName
|
||||
}
|
||||
|
||||
if len(c.AssumeRole.AssumeRoleTags) > 0 {
|
||||
var tags []*sts.Tag
|
||||
|
||||
for k, v := range c.AssumeRole.AssumeRoleTags {
|
||||
tag := &sts.Tag{
|
||||
Key: aws.String(k),
|
||||
Value: aws.String(v),
|
||||
}
|
||||
tags = append(tags, tag)
|
||||
}
|
||||
|
||||
assumeRoleProvider.Tags = tags
|
||||
}
|
||||
|
||||
if len(c.AssumeRole.AssumeRoleTransitiveTagKeys) > 0 {
|
||||
assumeRoleProvider.TransitiveTagKeys = aws.StringSlice(c.AssumeRole.AssumeRoleTransitiveTagKeys)
|
||||
}
|
||||
|
||||
providers = []awsCredentials.Provider{assumeRoleProvider}
|
||||
|
||||
assumeRoleCreds := awsCredentials.NewChainCredentials(providers)
|
||||
|
||||
_, err = assumeRoleCreds.Get()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("Unable to assume role: %w", err)
|
||||
}
|
||||
|
||||
return assumeRoleCreds, nil
|
||||
}
|
||||
|
||||
// GetCredentialsFromSession returns credentials derived from a session. A
|
||||
// session uses the AWS SDK Go chain of providers so may use a provider (e.g.,
|
||||
// ProcessProvider) that is not part of the Terraform provider chain.
|
||||
func (c *AccessConfig) GetCredentialsFromSession() (*awsCredentials.Credentials, error) {
|
||||
log.Printf("[INFO] Attempting to use session-derived credentials")
|
||||
// Avoid setting HTTPClient here as it will prevent the ec2metadata
|
||||
// client from automatically lowering the timeout to 1 second.
|
||||
options := &session.Options{
|
||||
Config: aws.Config{
|
||||
MaxRetries: aws.Int(0),
|
||||
Region: aws.String(c.RawRegion),
|
||||
},
|
||||
Profile: c.ProfileName,
|
||||
SharedConfigState: session.SharedConfigEnable,
|
||||
}
|
||||
|
||||
sess, err := session.NewSessionWithOptions(*options)
|
||||
if err != nil {
|
||||
if IsAWSErr(err, "NoCredentialProviders", "") {
|
||||
return nil, c.NewNoValidCredentialSourcesError(err)
|
||||
}
|
||||
return nil, fmt.Errorf("Error creating AWS session: %w", err)
|
||||
}
|
||||
|
||||
creds := sess.Config.Credentials
|
||||
cp, err := sess.Config.Credentials.Get()
|
||||
if err != nil {
|
||||
return nil, c.NewNoValidCredentialSourcesError(err)
|
||||
}
|
||||
|
||||
log.Printf("[INFO] Successfully derived credentials from session")
|
||||
log.Printf("[INFO] AWS Auth provider used: %q", cp.ProviderName)
|
||||
return creds, nil
|
||||
}
|
||||
|
||||
func (c *AccessConfig) GetCredsFromVault() error {
|
||||
// const EnvVaultAddress = "VAULT_ADDR"
|
||||
// const EnvVaultToken = "VAULT_TOKEN"
|
||||
|
@ -306,6 +543,13 @@ func (c *AccessConfig) Prepare(ctx *interpolate.Context) []error {
|
|||
return errs
|
||||
}
|
||||
|
||||
func (c *AccessConfig) NewNoValidCredentialSourcesError(err error) error {
|
||||
return fmt.Errorf("No valid credential sources found for AWS Builder. "+
|
||||
"Please see https://www.packer.io/docs/builders/amazon#authentication "+
|
||||
"for more information on providing credentials for the AWS Builder. "+
|
||||
"Error: %w", err)
|
||||
}
|
||||
|
||||
func (c *AccessConfig) NewEC2Connection() (ec2iface.EC2API, error) {
|
||||
if c.getEC2Connection != nil {
|
||||
return c.getEC2Connection(), nil
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
// Code generated by "mapstructure-to-hcl2 -type VaultAWSEngineOptions"; DO NOT EDIT.
|
||||
// Code generated by "mapstructure-to-hcl2 -type VaultAWSEngineOptions,AssumeRoleConfig"; DO NOT EDIT.
|
||||
package common
|
||||
|
||||
import (
|
||||
|
@ -6,6 +6,43 @@ import (
|
|||
"github.com/zclconf/go-cty/cty"
|
||||
)
|
||||
|
||||
// FlatAssumeRoleConfig is an auto-generated flat version of AssumeRoleConfig.
|
||||
// Where the contents of a field with a `mapstructure:,squash` tag are bubbled up.
|
||||
type FlatAssumeRoleConfig struct {
|
||||
AssumeRoleARN *string `mapstructure:"role_arn" required:"false" cty:"role_arn" hcl:"role_arn"`
|
||||
AssumeRoleDurationSeconds *int `mapstructure:"duration_seconds" required:"false" cty:"duration_seconds" hcl:"duration_seconds"`
|
||||
AssumeRoleExternalID *string `mapstructure:"external_id" required:"false" cty:"external_id" hcl:"external_id"`
|
||||
AssumeRolePolicy *string `mapstructure:"policy" required:"false" cty:"policy" hcl:"policy"`
|
||||
AssumeRolePolicyARNs []string `mapstructure:"policy_arns" required:"false" cty:"policy_arns" hcl:"policy_arns"`
|
||||
AssumeRoleSessionName *string `mapstructure:"session_name" required:"false" cty:"session_name" hcl:"session_name"`
|
||||
AssumeRoleTags map[string]string `mapstructure:"tags" required:"false" cty:"tags" hcl:"tags"`
|
||||
AssumeRoleTransitiveTagKeys []string `mapstructure:"transitive_tag_keys" required:"false" cty:"transitive_tag_keys" hcl:"transitive_tag_keys"`
|
||||
}
|
||||
|
||||
// FlatMapstructure returns a new FlatAssumeRoleConfig.
|
||||
// FlatAssumeRoleConfig is an auto-generated flat version of AssumeRoleConfig.
|
||||
// Where the contents a fields with a `mapstructure:,squash` tag are bubbled up.
|
||||
func (*AssumeRoleConfig) FlatMapstructure() interface{ HCL2Spec() map[string]hcldec.Spec } {
|
||||
return new(FlatAssumeRoleConfig)
|
||||
}
|
||||
|
||||
// HCL2Spec returns the hcl spec of a AssumeRoleConfig.
|
||||
// This spec is used by HCL to read the fields of AssumeRoleConfig.
|
||||
// The decoded values from this spec will then be applied to a FlatAssumeRoleConfig.
|
||||
func (*FlatAssumeRoleConfig) HCL2Spec() map[string]hcldec.Spec {
|
||||
s := map[string]hcldec.Spec{
|
||||
"role_arn": &hcldec.AttrSpec{Name: "role_arn", Type: cty.String, Required: false},
|
||||
"duration_seconds": &hcldec.AttrSpec{Name: "duration_seconds", Type: cty.Number, Required: false},
|
||||
"external_id": &hcldec.AttrSpec{Name: "external_id", Type: cty.String, Required: false},
|
||||
"policy": &hcldec.AttrSpec{Name: "policy", Type: cty.String, Required: false},
|
||||
"policy_arns": &hcldec.AttrSpec{Name: "policy_arns", Type: cty.List(cty.String), Required: false},
|
||||
"session_name": &hcldec.AttrSpec{Name: "session_name", Type: cty.String, Required: false},
|
||||
"tags": &hcldec.AttrSpec{Name: "tags", Type: cty.Map(cty.String), Required: false},
|
||||
"transitive_tag_keys": &hcldec.AttrSpec{Name: "transitive_tag_keys", Type: cty.List(cty.String), Required: false},
|
||||
}
|
||||
return s
|
||||
}
|
||||
|
||||
// FlatVaultAWSEngineOptions is an auto-generated flat version of VaultAWSEngineOptions.
|
||||
// Where the contents of a field with a `mapstructure:,squash` tag are bubbled up.
|
||||
type FlatVaultAWSEngineOptions struct {
|
||||
|
|
|
@ -19,7 +19,9 @@ type FlatConfig struct {
|
|||
PackerUserVars map[string]string `mapstructure:"packer_user_variables" cty:"packer_user_variables" hcl:"packer_user_variables"`
|
||||
PackerSensitiveVars []string `mapstructure:"packer_sensitive_variables" cty:"packer_sensitive_variables" hcl:"packer_sensitive_variables"`
|
||||
AccessKey *string `mapstructure:"access_key" required:"true" cty:"access_key" hcl:"access_key"`
|
||||
AssumeRole *common.FlatAssumeRoleConfig `mapstructure:"assume_role" required:"false" cty:"assume_role" hcl:"assume_role"`
|
||||
CustomEndpointEc2 *string `mapstructure:"custom_endpoint_ec2" required:"false" cty:"custom_endpoint_ec2" hcl:"custom_endpoint_ec2"`
|
||||
CredsFilename *string `mapstructure:"shared_credentials_file" required:"false" cty:"shared_credentials_file" hcl:"shared_credentials_file"`
|
||||
DecodeAuthZMessages *bool `mapstructure:"decode_authorization_messages" required:"false" cty:"decode_authorization_messages" hcl:"decode_authorization_messages"`
|
||||
InsecureSkipTLSVerify *bool `mapstructure:"insecure_skip_tls_verify" required:"false" cty:"insecure_skip_tls_verify" hcl:"insecure_skip_tls_verify"`
|
||||
MaxRetries *int `mapstructure:"max_retries" required:"false" cty:"max_retries" hcl:"max_retries"`
|
||||
|
@ -160,7 +162,9 @@ func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec {
|
|||
"packer_user_variables": &hcldec.AttrSpec{Name: "packer_user_variables", Type: cty.Map(cty.String), Required: false},
|
||||
"packer_sensitive_variables": &hcldec.AttrSpec{Name: "packer_sensitive_variables", Type: cty.List(cty.String), Required: false},
|
||||
"access_key": &hcldec.AttrSpec{Name: "access_key", Type: cty.String, Required: false},
|
||||
"assume_role": &hcldec.BlockSpec{TypeName: "assume_role", Nested: hcldec.ObjectSpec((*common.FlatAssumeRoleConfig)(nil).HCL2Spec())},
|
||||
"custom_endpoint_ec2": &hcldec.AttrSpec{Name: "custom_endpoint_ec2", Type: cty.String, Required: false},
|
||||
"shared_credentials_file": &hcldec.AttrSpec{Name: "shared_credentials_file", Type: cty.String, Required: false},
|
||||
"decode_authorization_messages": &hcldec.AttrSpec{Name: "decode_authorization_messages", Type: cty.Bool, Required: false},
|
||||
"insecure_skip_tls_verify": &hcldec.AttrSpec{Name: "insecure_skip_tls_verify", Type: cty.Bool, Required: false},
|
||||
"max_retries": &hcldec.AttrSpec{Name: "max_retries", Type: cty.Number, Required: false},
|
||||
|
|
|
@ -62,7 +62,9 @@ type FlatConfig struct {
|
|||
PackerUserVars map[string]string `mapstructure:"packer_user_variables" cty:"packer_user_variables" hcl:"packer_user_variables"`
|
||||
PackerSensitiveVars []string `mapstructure:"packer_sensitive_variables" cty:"packer_sensitive_variables" hcl:"packer_sensitive_variables"`
|
||||
AccessKey *string `mapstructure:"access_key" required:"true" cty:"access_key" hcl:"access_key"`
|
||||
AssumeRole *common.FlatAssumeRoleConfig `mapstructure:"assume_role" required:"false" cty:"assume_role" hcl:"assume_role"`
|
||||
CustomEndpointEc2 *string `mapstructure:"custom_endpoint_ec2" required:"false" cty:"custom_endpoint_ec2" hcl:"custom_endpoint_ec2"`
|
||||
CredsFilename *string `mapstructure:"shared_credentials_file" required:"false" cty:"shared_credentials_file" hcl:"shared_credentials_file"`
|
||||
DecodeAuthZMessages *bool `mapstructure:"decode_authorization_messages" required:"false" cty:"decode_authorization_messages" hcl:"decode_authorization_messages"`
|
||||
InsecureSkipTLSVerify *bool `mapstructure:"insecure_skip_tls_verify" required:"false" cty:"insecure_skip_tls_verify" hcl:"insecure_skip_tls_verify"`
|
||||
MaxRetries *int `mapstructure:"max_retries" required:"false" cty:"max_retries" hcl:"max_retries"`
|
||||
|
@ -204,7 +206,9 @@ func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec {
|
|||
"packer_user_variables": &hcldec.AttrSpec{Name: "packer_user_variables", Type: cty.Map(cty.String), Required: false},
|
||||
"packer_sensitive_variables": &hcldec.AttrSpec{Name: "packer_sensitive_variables", Type: cty.List(cty.String), Required: false},
|
||||
"access_key": &hcldec.AttrSpec{Name: "access_key", Type: cty.String, Required: false},
|
||||
"assume_role": &hcldec.BlockSpec{TypeName: "assume_role", Nested: hcldec.ObjectSpec((*common.FlatAssumeRoleConfig)(nil).HCL2Spec())},
|
||||
"custom_endpoint_ec2": &hcldec.AttrSpec{Name: "custom_endpoint_ec2", Type: cty.String, Required: false},
|
||||
"shared_credentials_file": &hcldec.AttrSpec{Name: "shared_credentials_file", Type: cty.String, Required: false},
|
||||
"decode_authorization_messages": &hcldec.AttrSpec{Name: "decode_authorization_messages", Type: cty.Bool, Required: false},
|
||||
"insecure_skip_tls_verify": &hcldec.AttrSpec{Name: "insecure_skip_tls_verify", Type: cty.Bool, Required: false},
|
||||
"max_retries": &hcldec.AttrSpec{Name: "max_retries", Type: cty.Number, Required: false},
|
||||
|
|
|
@ -64,7 +64,9 @@ type FlatConfig struct {
|
|||
PackerUserVars map[string]string `mapstructure:"packer_user_variables" cty:"packer_user_variables" hcl:"packer_user_variables"`
|
||||
PackerSensitiveVars []string `mapstructure:"packer_sensitive_variables" cty:"packer_sensitive_variables" hcl:"packer_sensitive_variables"`
|
||||
AccessKey *string `mapstructure:"access_key" required:"true" cty:"access_key" hcl:"access_key"`
|
||||
AssumeRole *common.FlatAssumeRoleConfig `mapstructure:"assume_role" required:"false" cty:"assume_role" hcl:"assume_role"`
|
||||
CustomEndpointEc2 *string `mapstructure:"custom_endpoint_ec2" required:"false" cty:"custom_endpoint_ec2" hcl:"custom_endpoint_ec2"`
|
||||
CredsFilename *string `mapstructure:"shared_credentials_file" required:"false" cty:"shared_credentials_file" hcl:"shared_credentials_file"`
|
||||
DecodeAuthZMessages *bool `mapstructure:"decode_authorization_messages" required:"false" cty:"decode_authorization_messages" hcl:"decode_authorization_messages"`
|
||||
InsecureSkipTLSVerify *bool `mapstructure:"insecure_skip_tls_verify" required:"false" cty:"insecure_skip_tls_verify" hcl:"insecure_skip_tls_verify"`
|
||||
MaxRetries *int `mapstructure:"max_retries" required:"false" cty:"max_retries" hcl:"max_retries"`
|
||||
|
@ -184,7 +186,9 @@ func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec {
|
|||
"packer_user_variables": &hcldec.AttrSpec{Name: "packer_user_variables", Type: cty.Map(cty.String), Required: false},
|
||||
"packer_sensitive_variables": &hcldec.AttrSpec{Name: "packer_sensitive_variables", Type: cty.List(cty.String), Required: false},
|
||||
"access_key": &hcldec.AttrSpec{Name: "access_key", Type: cty.String, Required: false},
|
||||
"assume_role": &hcldec.BlockSpec{TypeName: "assume_role", Nested: hcldec.ObjectSpec((*common.FlatAssumeRoleConfig)(nil).HCL2Spec())},
|
||||
"custom_endpoint_ec2": &hcldec.AttrSpec{Name: "custom_endpoint_ec2", Type: cty.String, Required: false},
|
||||
"shared_credentials_file": &hcldec.AttrSpec{Name: "shared_credentials_file", Type: cty.String, Required: false},
|
||||
"decode_authorization_messages": &hcldec.AttrSpec{Name: "decode_authorization_messages", Type: cty.Bool, Required: false},
|
||||
"insecure_skip_tls_verify": &hcldec.AttrSpec{Name: "insecure_skip_tls_verify", Type: cty.Bool, Required: false},
|
||||
"max_retries": &hcldec.AttrSpec{Name: "max_retries", Type: cty.Number, Required: false},
|
||||
|
|
|
@ -19,7 +19,9 @@ type FlatConfig struct {
|
|||
PackerUserVars map[string]string `mapstructure:"packer_user_variables" cty:"packer_user_variables" hcl:"packer_user_variables"`
|
||||
PackerSensitiveVars []string `mapstructure:"packer_sensitive_variables" cty:"packer_sensitive_variables" hcl:"packer_sensitive_variables"`
|
||||
AccessKey *string `mapstructure:"access_key" required:"true" cty:"access_key" hcl:"access_key"`
|
||||
AssumeRole *common.FlatAssumeRoleConfig `mapstructure:"assume_role" required:"false" cty:"assume_role" hcl:"assume_role"`
|
||||
CustomEndpointEc2 *string `mapstructure:"custom_endpoint_ec2" required:"false" cty:"custom_endpoint_ec2" hcl:"custom_endpoint_ec2"`
|
||||
CredsFilename *string `mapstructure:"shared_credentials_file" required:"false" cty:"shared_credentials_file" hcl:"shared_credentials_file"`
|
||||
DecodeAuthZMessages *bool `mapstructure:"decode_authorization_messages" required:"false" cty:"decode_authorization_messages" hcl:"decode_authorization_messages"`
|
||||
InsecureSkipTLSVerify *bool `mapstructure:"insecure_skip_tls_verify" required:"false" cty:"insecure_skip_tls_verify" hcl:"insecure_skip_tls_verify"`
|
||||
MaxRetries *int `mapstructure:"max_retries" required:"false" cty:"max_retries" hcl:"max_retries"`
|
||||
|
@ -166,7 +168,9 @@ func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec {
|
|||
"packer_user_variables": &hcldec.AttrSpec{Name: "packer_user_variables", Type: cty.Map(cty.String), Required: false},
|
||||
"packer_sensitive_variables": &hcldec.AttrSpec{Name: "packer_sensitive_variables", Type: cty.List(cty.String), Required: false},
|
||||
"access_key": &hcldec.AttrSpec{Name: "access_key", Type: cty.String, Required: false},
|
||||
"assume_role": &hcldec.BlockSpec{TypeName: "assume_role", Nested: hcldec.ObjectSpec((*common.FlatAssumeRoleConfig)(nil).HCL2Spec())},
|
||||
"custom_endpoint_ec2": &hcldec.AttrSpec{Name: "custom_endpoint_ec2", Type: cty.String, Required: false},
|
||||
"shared_credentials_file": &hcldec.AttrSpec{Name: "shared_credentials_file", Type: cty.String, Required: false},
|
||||
"decode_authorization_messages": &hcldec.AttrSpec{Name: "decode_authorization_messages", Type: cty.Bool, Required: false},
|
||||
"insecure_skip_tls_verify": &hcldec.AttrSpec{Name: "insecure_skip_tls_verify", Type: cty.Bool, Required: false},
|
||||
"max_retries": &hcldec.AttrSpec{Name: "max_retries", Type: cty.Number, Required: false},
|
||||
|
|
2
go.mod
2
go.mod
|
@ -21,7 +21,7 @@ require (
|
|||
github.com/antchfx/xquery v0.0.0-20170730121040-eb8c3c172607 // indirect
|
||||
github.com/approvals/go-approval-tests v0.0.0-20160714161514-ad96e53bea43
|
||||
github.com/armon/go-metrics v0.0.0-20190430140413-ec5e00d3c878 // indirect
|
||||
github.com/aws/aws-sdk-go v1.30.8
|
||||
github.com/aws/aws-sdk-go v1.34.26
|
||||
github.com/biogo/hts v0.0.0-20160420073057-50da7d4131a3
|
||||
github.com/c2h5oh/datasize v0.0.0-20200112174442-28bbd4740fee
|
||||
github.com/cheggaaa/pb v1.0.27
|
||||
|
|
2
go.sum
2
go.sum
|
@ -114,6 +114,8 @@ github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3A
|
|||
github.com/aws/aws-sdk-go v1.16.22/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
|
||||
github.com/aws/aws-sdk-go v1.30.8 h1:4BHbh8K3qKmcnAgToZ2LShldRF9inoqIBccpCLNCy3I=
|
||||
github.com/aws/aws-sdk-go v1.30.8/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
|
||||
github.com/aws/aws-sdk-go v1.34.26 h1:tw4nsSfGvCDnXt2xPe8NkxIrDui+asAWinMknPLEf80=
|
||||
github.com/aws/aws-sdk-go v1.34.26/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
|
||||
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 h1:xJ4a3vCFaGF/jqvzLMYoU8P317H5OQ+Via4RmuPwCS0=
|
||||
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
|
||||
github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas=
|
||||
|
|
|
@ -18,7 +18,9 @@ type FlatConfig struct {
|
|||
PackerUserVars map[string]string `mapstructure:"packer_user_variables" cty:"packer_user_variables" hcl:"packer_user_variables"`
|
||||
PackerSensitiveVars []string `mapstructure:"packer_sensitive_variables" cty:"packer_sensitive_variables" hcl:"packer_sensitive_variables"`
|
||||
AccessKey *string `mapstructure:"access_key" required:"true" cty:"access_key" hcl:"access_key"`
|
||||
AssumeRole *common.FlatAssumeRoleConfig `mapstructure:"assume_role" required:"false" cty:"assume_role" hcl:"assume_role"`
|
||||
CustomEndpointEc2 *string `mapstructure:"custom_endpoint_ec2" required:"false" cty:"custom_endpoint_ec2" hcl:"custom_endpoint_ec2"`
|
||||
CredsFilename *string `mapstructure:"shared_credentials_file" required:"false" cty:"shared_credentials_file" hcl:"shared_credentials_file"`
|
||||
DecodeAuthZMessages *bool `mapstructure:"decode_authorization_messages" required:"false" cty:"decode_authorization_messages" hcl:"decode_authorization_messages"`
|
||||
InsecureSkipTLSVerify *bool `mapstructure:"insecure_skip_tls_verify" required:"false" cty:"insecure_skip_tls_verify" hcl:"insecure_skip_tls_verify"`
|
||||
MaxRetries *int `mapstructure:"max_retries" required:"false" cty:"max_retries" hcl:"max_retries"`
|
||||
|
@ -68,7 +70,9 @@ func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec {
|
|||
"packer_user_variables": &hcldec.AttrSpec{Name: "packer_user_variables", Type: cty.Map(cty.String), Required: false},
|
||||
"packer_sensitive_variables": &hcldec.AttrSpec{Name: "packer_sensitive_variables", Type: cty.List(cty.String), Required: false},
|
||||
"access_key": &hcldec.AttrSpec{Name: "access_key", Type: cty.String, Required: false},
|
||||
"assume_role": &hcldec.BlockSpec{TypeName: "assume_role", Nested: hcldec.ObjectSpec((*common.FlatAssumeRoleConfig)(nil).HCL2Spec())},
|
||||
"custom_endpoint_ec2": &hcldec.AttrSpec{Name: "custom_endpoint_ec2", Type: cty.String, Required: false},
|
||||
"shared_credentials_file": &hcldec.AttrSpec{Name: "shared_credentials_file", Type: cty.String, Required: false},
|
||||
"decode_authorization_messages": &hcldec.AttrSpec{Name: "decode_authorization_messages", Type: cty.Bool, Required: false},
|
||||
"insecure_skip_tls_verify": &hcldec.AttrSpec{Name: "insecure_skip_tls_verify", Type: cty.Bool, Required: false},
|
||||
"max_retries": &hcldec.AttrSpec{Name: "max_retries", Type: cty.Number, Required: false},
|
||||
|
|
|
@ -43,7 +43,7 @@ type Config struct {
|
|||
|
||||
// An optional endpoint URL (hostname only or fully qualified URI)
|
||||
// that overrides the default generated endpoint for a client. Set this
|
||||
// to `""` to use the default generated endpoint.
|
||||
// to `nil` or the value to `""` to use the default generated endpoint.
|
||||
//
|
||||
// Note: You must still provide a `Region` value when specifying an
|
||||
// endpoint for a client.
|
||||
|
@ -138,7 +138,7 @@ type Config struct {
|
|||
// `ExpectContinueTimeout` for information on adjusting the continue wait
|
||||
// timeout. https://golang.org/pkg/net/http/#Transport
|
||||
//
|
||||
// You should use this flag to disble 100-Continue if you experience issues
|
||||
// You should use this flag to disable 100-Continue if you experience issues
|
||||
// with proxies or third party S3 compatible services.
|
||||
S3Disable100Continue *bool
|
||||
|
||||
|
@ -183,7 +183,7 @@ type Config struct {
|
|||
//
|
||||
// Example:
|
||||
// sess := session.Must(session.NewSession(aws.NewConfig()
|
||||
// .WithEC2MetadataDiableTimeoutOverride(true)))
|
||||
// .WithEC2MetadataDisableTimeoutOverride(true)))
|
||||
//
|
||||
// svc := s3.New(sess)
|
||||
//
|
||||
|
@ -194,7 +194,7 @@ type Config struct {
|
|||
// both IPv4 and IPv6 addressing.
|
||||
//
|
||||
// Setting this for a service which does not support dual stack will fail
|
||||
// to make requets. It is not recommended to set this value on the session
|
||||
// to make requests. It is not recommended to set this value on the session
|
||||
// as it will apply to all service clients created with the session. Even
|
||||
// services which don't support dual stack endpoints.
|
||||
//
|
||||
|
@ -238,6 +238,7 @@ type Config struct {
|
|||
|
||||
// EnableEndpointDiscovery will allow for endpoint discovery on operations that
|
||||
// have the definition in its model. By default, endpoint discovery is off.
|
||||
// To use EndpointDiscovery, Endpoint should be unset or set to an empty string.
|
||||
//
|
||||
// Example:
|
||||
// sess := session.Must(session.NewSession(&aws.Config{
|
||||
|
|
|
@ -225,6 +225,8 @@ var ValidateEndpointHandler = request.NamedHandler{Name: "core.ValidateEndpointH
|
|||
if r.ClientInfo.SigningRegion == "" && aws.StringValue(r.Config.Region) == "" {
|
||||
r.Error = aws.ErrMissingRegion
|
||||
} else if r.ClientInfo.Endpoint == "" {
|
||||
// Was any endpoint provided by the user, or one was derived by the
|
||||
// SDK's endpoint resolver?
|
||||
r.Error = aws.ErrMissingEndpoint
|
||||
}
|
||||
}}
|
||||
|
|
5
vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go
generated
vendored
5
vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go
generated
vendored
|
@ -17,8 +17,9 @@ var (
|
|||
ErrSharedCredentialsHomeNotFound = awserr.New("UserHomeNotFound", "user home directory not found.", nil)
|
||||
)
|
||||
|
||||
// A SharedCredentialsProvider retrieves credentials from the current user's home
|
||||
// directory, and keeps track if those credentials are expired.
|
||||
// A SharedCredentialsProvider retrieves access key pair (access key ID,
|
||||
// secret access key, and session token if present) credentials from the current
|
||||
// user's home directory, and keeps track if those credentials are expired.
|
||||
//
|
||||
// Profile ini file example: $HOME/.aws/credentials
|
||||
type SharedCredentialsProvider struct {
|
||||
|
|
24
vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go
generated
vendored
24
vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go
generated
vendored
|
@ -169,6 +169,29 @@ type AssumeRoleProvider struct {
|
|||
// size.
|
||||
Policy *string
|
||||
|
||||
// The ARNs of IAM managed policies you want to use as managed session policies.
|
||||
// The policies must exist in the same account as the role.
|
||||
//
|
||||
// This parameter is optional. You can provide up to 10 managed policy ARNs.
|
||||
// However, the plain text that you use for both inline and managed session
|
||||
// policies can't exceed 2,048 characters.
|
||||
//
|
||||
// An AWS conversion compresses the passed session policies and session tags
|
||||
// into a packed binary format that has a separate limit. Your request can fail
|
||||
// for this limit even if your plain text meets the other requirements. The
|
||||
// PackedPolicySize response element indicates by percentage how close the policies
|
||||
// and tags for your request are to the upper size limit.
|
||||
//
|
||||
// Passing policies to this operation returns new temporary credentials. The
|
||||
// resulting session's permissions are the intersection of the role's identity-based
|
||||
// policy and the session policies. You can use the role's temporary credentials
|
||||
// in subsequent AWS API calls to access resources in the account that owns
|
||||
// the role. You cannot use session policies to grant more permissions than
|
||||
// those allowed by the identity-based policy of the role that is being assumed.
|
||||
// For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
|
||||
// in the IAM User Guide.
|
||||
PolicyArns []*sts.PolicyDescriptorType
|
||||
|
||||
// The identification number of the MFA device that is associated with the user
|
||||
// who is making the AssumeRole call. Specify this value if the trust policy
|
||||
// of the role being assumed includes a condition that requires MFA authentication.
|
||||
|
@ -291,6 +314,7 @@ func (p *AssumeRoleProvider) RetrieveWithContext(ctx credentials.Context) (crede
|
|||
RoleSessionName: aws.String(p.RoleSessionName),
|
||||
ExternalId: p.ExternalID,
|
||||
Tags: p.Tags,
|
||||
PolicyArns: p.PolicyArns,
|
||||
TransitiveTagKeys: p.TransitiveTagKeys,
|
||||
}
|
||||
if p.Policy != nil {
|
||||
|
|
56
vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go
generated
vendored
56
vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go
generated
vendored
|
@ -28,15 +28,46 @@ const (
|
|||
// compare test values.
|
||||
var now = time.Now
|
||||
|
||||
// TokenFetcher shuold return WebIdentity token bytes or an error
|
||||
type TokenFetcher interface {
|
||||
FetchToken(credentials.Context) ([]byte, error)
|
||||
}
|
||||
|
||||
// FetchTokenPath is a path to a WebIdentity token file
|
||||
type FetchTokenPath string
|
||||
|
||||
// FetchToken returns a token by reading from the filesystem
|
||||
func (f FetchTokenPath) FetchToken(ctx credentials.Context) ([]byte, error) {
|
||||
data, err := ioutil.ReadFile(string(f))
|
||||
if err != nil {
|
||||
errMsg := fmt.Sprintf("unable to read file at %s", f)
|
||||
return nil, awserr.New(ErrCodeWebIdentity, errMsg, err)
|
||||
}
|
||||
return data, nil
|
||||
}
|
||||
|
||||
// WebIdentityRoleProvider is used to retrieve credentials using
|
||||
// an OIDC token.
|
||||
type WebIdentityRoleProvider struct {
|
||||
credentials.Expiry
|
||||
PolicyArns []*sts.PolicyDescriptorType
|
||||
|
||||
client stsiface.STSAPI
|
||||
// Duration the STS credentials will be valid for. Truncated to seconds.
|
||||
// If unset, the assumed role will use AssumeRoleWithWebIdentity's default
|
||||
// expiry duration. See
|
||||
// https://docs.aws.amazon.com/sdk-for-go/api/service/sts/#STS.AssumeRoleWithWebIdentity
|
||||
// for more information.
|
||||
Duration time.Duration
|
||||
|
||||
// The amount of time the credentials will be refreshed before they expire.
|
||||
// This is useful refresh credentials before they expire to reduce risk of
|
||||
// using credentials as they expire. If unset, will default to no expiry
|
||||
// window.
|
||||
ExpiryWindow time.Duration
|
||||
|
||||
tokenFilePath string
|
||||
client stsiface.STSAPI
|
||||
|
||||
tokenFetcher TokenFetcher
|
||||
roleARN string
|
||||
roleSessionName string
|
||||
}
|
||||
|
@ -52,9 +83,15 @@ func NewWebIdentityCredentials(c client.ConfigProvider, roleARN, roleSessionName
|
|||
// NewWebIdentityRoleProvider will return a new WebIdentityRoleProvider with the
|
||||
// provided stsiface.STSAPI
|
||||
func NewWebIdentityRoleProvider(svc stsiface.STSAPI, roleARN, roleSessionName, path string) *WebIdentityRoleProvider {
|
||||
return NewWebIdentityRoleProviderWithToken(svc, roleARN, roleSessionName, FetchTokenPath(path))
|
||||
}
|
||||
|
||||
// NewWebIdentityRoleProviderWithToken will return a new WebIdentityRoleProvider with the
|
||||
// provided stsiface.STSAPI and a TokenFetcher
|
||||
func NewWebIdentityRoleProviderWithToken(svc stsiface.STSAPI, roleARN, roleSessionName string, tokenFetcher TokenFetcher) *WebIdentityRoleProvider {
|
||||
return &WebIdentityRoleProvider{
|
||||
client: svc,
|
||||
tokenFilePath: path,
|
||||
tokenFetcher: tokenFetcher,
|
||||
roleARN: roleARN,
|
||||
roleSessionName: roleSessionName,
|
||||
}
|
||||
|
@ -71,10 +108,9 @@ func (p *WebIdentityRoleProvider) Retrieve() (credentials.Value, error) {
|
|||
// 'WebIdentityTokenFilePath' specified destination and if that is empty an
|
||||
// error will be returned.
|
||||
func (p *WebIdentityRoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) {
|
||||
b, err := ioutil.ReadFile(p.tokenFilePath)
|
||||
b, err := p.tokenFetcher.FetchToken(ctx)
|
||||
if err != nil {
|
||||
errMsg := fmt.Sprintf("unable to read file at %s", p.tokenFilePath)
|
||||
return credentials.Value{}, awserr.New(ErrCodeWebIdentity, errMsg, err)
|
||||
return credentials.Value{}, awserr.New(ErrCodeWebIdentity, "failed fetching WebIdentity token: ", err)
|
||||
}
|
||||
|
||||
sessionName := p.roleSessionName
|
||||
|
@ -83,10 +119,18 @@ func (p *WebIdentityRoleProvider) RetrieveWithContext(ctx credentials.Context) (
|
|||
// uses unix time in nanoseconds to uniquely identify sessions.
|
||||
sessionName = strconv.FormatInt(now().UnixNano(), 10)
|
||||
}
|
||||
|
||||
var duration *int64
|
||||
if p.Duration != 0 {
|
||||
duration = aws.Int64(int64(p.Duration / time.Second))
|
||||
}
|
||||
|
||||
req, resp := p.client.AssumeRoleWithWebIdentityRequest(&sts.AssumeRoleWithWebIdentityInput{
|
||||
PolicyArns: p.PolicyArns,
|
||||
RoleArn: &p.roleARN,
|
||||
RoleSessionName: &sessionName,
|
||||
WebIdentityToken: aws.String(string(b)),
|
||||
DurationSeconds: duration,
|
||||
})
|
||||
|
||||
req.SetContext(ctx)
|
||||
|
|
|
@ -20,7 +20,7 @@ func (c *EC2Metadata) getToken(ctx aws.Context, duration time.Duration) (tokenOu
|
|||
op := &request.Operation{
|
||||
Name: "GetToken",
|
||||
HTTPMethod: "PUT",
|
||||
HTTPPath: "/api/token",
|
||||
HTTPPath: "/latest/api/token",
|
||||
}
|
||||
|
||||
var output tokenOutput
|
||||
|
@ -62,7 +62,7 @@ func (c *EC2Metadata) GetMetadataWithContext(ctx aws.Context, p string) (string,
|
|||
op := &request.Operation{
|
||||
Name: "GetMetadata",
|
||||
HTTPMethod: "GET",
|
||||
HTTPPath: sdkuri.PathJoin("/meta-data", p),
|
||||
HTTPPath: sdkuri.PathJoin("/latest/meta-data", p),
|
||||
}
|
||||
output := &metadataOutput{}
|
||||
|
||||
|
@ -88,7 +88,7 @@ func (c *EC2Metadata) GetUserDataWithContext(ctx aws.Context) (string, error) {
|
|||
op := &request.Operation{
|
||||
Name: "GetUserData",
|
||||
HTTPMethod: "GET",
|
||||
HTTPPath: "/user-data",
|
||||
HTTPPath: "/latest/user-data",
|
||||
}
|
||||
|
||||
output := &metadataOutput{}
|
||||
|
@ -113,7 +113,7 @@ func (c *EC2Metadata) GetDynamicDataWithContext(ctx aws.Context, p string) (stri
|
|||
op := &request.Operation{
|
||||
Name: "GetDynamicData",
|
||||
HTTPMethod: "GET",
|
||||
HTTPPath: sdkuri.PathJoin("/dynamic", p),
|
||||
HTTPPath: sdkuri.PathJoin("/latest/dynamic", p),
|
||||
}
|
||||
|
||||
output := &metadataOutput{}
|
||||
|
|
|
@ -5,6 +5,10 @@
|
|||
// variable "AWS_EC2_METADATA_DISABLED=true". This environment variable set to
|
||||
// true instructs the SDK to disable the EC2 Metadata client. The client cannot
|
||||
// be used while the environment variable is set to true, (case insensitive).
|
||||
//
|
||||
// The endpoint of the EC2 IMDS client can be configured via the environment
|
||||
// variable, AWS_EC2_METADATA_SERVICE_ENDPOINT when creating the client with a
|
||||
// Session. See aws/session#Options.EC2IMDSEndpoint for more details.
|
||||
package ec2metadata
|
||||
|
||||
import (
|
||||
|
@ -12,6 +16,7 @@ import (
|
|||
"errors"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
@ -41,7 +46,7 @@ const (
|
|||
enableTokenProviderHandlerName = "enableTokenProviderHandler"
|
||||
|
||||
// TTL constants
|
||||
defaultTTL = 21600 * time.Second
|
||||
defaultTTL = 21600 * time.Second
|
||||
ttlExpirationWindow = 30 * time.Second
|
||||
)
|
||||
|
||||
|
@ -69,6 +74,9 @@ func New(p client.ConfigProvider, cfgs ...*aws.Config) *EC2Metadata {
|
|||
// a client when not using a session. Generally using just New with a session
|
||||
// is preferred.
|
||||
//
|
||||
// Will remove the URL path from the endpoint provided to ensure the EC2 IMDS
|
||||
// client is able to communicate with the EC2 IMDS API.
|
||||
//
|
||||
// If an unmodified HTTP client is provided from the stdlib default, or no client
|
||||
// the EC2RoleProvider's EC2Metadata HTTP client's timeout will be shortened.
|
||||
// To disable this set Config.EC2MetadataDisableTimeoutOverride to false. Enabled by default.
|
||||
|
@ -86,6 +94,15 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
|
|||
cfg.MaxRetries = aws.Int(2)
|
||||
}
|
||||
|
||||
if u, err := url.Parse(endpoint); err == nil {
|
||||
// Remove path from the endpoint since it will be added by requests.
|
||||
// This is an artifact of the SDK adding `/latest` to the endpoint for
|
||||
// EC2 IMDS, but this is now moved to the operation definition.
|
||||
u.Path = ""
|
||||
u.RawPath = ""
|
||||
endpoint = u.String()
|
||||
}
|
||||
|
||||
svc := &EC2Metadata{
|
||||
Client: client.New(
|
||||
cfg,
|
||||
|
|
|
@ -93,7 +93,7 @@ func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (Resol
|
|||
}
|
||||
|
||||
func custAddS3DualStack(p *partition) {
|
||||
if p.ID != "aws" {
|
||||
if !(p.ID == "aws" || p.ID == "aws-cn" || p.ID == "aws-us-gov") {
|
||||
return
|
||||
}
|
||||
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -7,6 +7,8 @@ import (
|
|||
"strings"
|
||||
)
|
||||
|
||||
var regionValidationRegex = regexp.MustCompile(`^[[:alnum:]]([[:alnum:]\-]*[[:alnum:]])?$`)
|
||||
|
||||
type partitions []partition
|
||||
|
||||
func (ps partitions) EndpointFor(service, region string, opts ...func(*Options)) (ResolvedEndpoint, error) {
|
||||
|
@ -124,7 +126,7 @@ func (p partition) EndpointFor(service, region string, opts ...func(*Options)) (
|
|||
|
||||
defs := []endpoint{p.Defaults, s.Defaults}
|
||||
|
||||
return e.resolve(service, p.ID, region, p.DNSSuffix, defs, opt), nil
|
||||
return e.resolve(service, p.ID, region, p.DNSSuffix, defs, opt)
|
||||
}
|
||||
|
||||
func serviceList(ss services) []string {
|
||||
|
@ -233,7 +235,7 @@ func getByPriority(s []string, p []string, def string) string {
|
|||
return s[0]
|
||||
}
|
||||
|
||||
func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs []endpoint, opts Options) ResolvedEndpoint {
|
||||
func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs []endpoint, opts Options) (ResolvedEndpoint, error) {
|
||||
var merged endpoint
|
||||
for _, def := range defs {
|
||||
merged.mergeIn(def)
|
||||
|
@ -260,6 +262,10 @@ func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs [
|
|||
region = signingRegion
|
||||
}
|
||||
|
||||
if !validateInputRegion(region) {
|
||||
return ResolvedEndpoint{}, fmt.Errorf("invalid region identifier format provided")
|
||||
}
|
||||
|
||||
u := strings.Replace(hostname, "{service}", service, 1)
|
||||
u = strings.Replace(u, "{region}", region, 1)
|
||||
u = strings.Replace(u, "{dnsSuffix}", dnsSuffix, 1)
|
||||
|
@ -274,7 +280,7 @@ func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs [
|
|||
SigningName: signingName,
|
||||
SigningNameDerived: signingNameDerived,
|
||||
SigningMethod: getByPriority(e.SignatureVersions, signerPriority, defaultSigner),
|
||||
}
|
||||
}, nil
|
||||
}
|
||||
|
||||
func getEndpointScheme(protocols []string, disableSSL bool) string {
|
||||
|
@ -339,3 +345,7 @@ const (
|
|||
boxedFalse
|
||||
boxedTrue
|
||||
)
|
||||
|
||||
func validateInputRegion(region string) bool {
|
||||
return regionValidationRegex.MatchString(region)
|
||||
}
|
||||
|
|
|
@ -9,7 +9,8 @@ func isErrConnectionReset(err error) bool {
|
|||
return false
|
||||
}
|
||||
|
||||
if strings.Contains(err.Error(), "connection reset") ||
|
||||
if strings.Contains(err.Error(), "use of closed network connection") ||
|
||||
strings.Contains(err.Error(), "connection reset") ||
|
||||
strings.Contains(err.Error(), "broken pipe") {
|
||||
return true
|
||||
}
|
||||
|
|
|
@ -241,5 +241,22 @@ over the AWS_CA_BUNDLE environment variable, and will be used if both are set.
|
|||
Setting a custom HTTPClient in the aws.Config options will override this setting.
|
||||
To use this option and custom HTTP client, the HTTP client needs to be provided
|
||||
when creating the session. Not the service client.
|
||||
|
||||
The endpoint of the EC2 IMDS client can be configured via the environment
|
||||
variable, AWS_EC2_METADATA_SERVICE_ENDPOINT when creating the client with a
|
||||
Session. See Options.EC2IMDSEndpoint for more details.
|
||||
|
||||
AWS_EC2_METADATA_SERVICE_ENDPOINT=http://169.254.169.254
|
||||
|
||||
If using an URL with an IPv6 address literal, the IPv6 address
|
||||
component must be enclosed in square brackets.
|
||||
|
||||
AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1]
|
||||
|
||||
The custom EC2 IMDS endpoint can also be specified via the Session options.
|
||||
|
||||
sess, err := session.NewSessionWithOptions(session.Options{
|
||||
EC2IMDSEndpoint: "http://[::1]",
|
||||
})
|
||||
*/
|
||||
package session
|
||||
|
|
|
@ -148,6 +148,11 @@ type envConfig struct {
|
|||
//
|
||||
// AWS_S3_USE_ARN_REGION=true
|
||||
S3UseARNRegion bool
|
||||
|
||||
// Specifies the alternative endpoint to use for EC2 IMDS.
|
||||
//
|
||||
// AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1]
|
||||
EC2IMDSEndpoint string
|
||||
}
|
||||
|
||||
var (
|
||||
|
@ -211,6 +216,9 @@ var (
|
|||
s3UseARNRegionEnvKey = []string{
|
||||
"AWS_S3_USE_ARN_REGION",
|
||||
}
|
||||
ec2IMDSEndpointEnvKey = []string{
|
||||
"AWS_EC2_METADATA_SERVICE_ENDPOINT",
|
||||
}
|
||||
)
|
||||
|
||||
// loadEnvConfig retrieves the SDK's environment configuration.
|
||||
|
@ -332,6 +340,8 @@ func envConfigLoad(enableSharedConfig bool) (envConfig, error) {
|
|||
}
|
||||
}
|
||||
|
||||
setFromEnvVal(&cfg.EC2IMDSEndpoint, ec2IMDSEndpointEnvKey)
|
||||
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
|
|
|
@ -48,6 +48,8 @@ var ErrSharedConfigInvalidCredSource = awserr.New(ErrCodeSharedConfig, "credenti
|
|||
type Session struct {
|
||||
Config *aws.Config
|
||||
Handlers request.Handlers
|
||||
|
||||
options Options
|
||||
}
|
||||
|
||||
// New creates a new instance of the handlers merging in the provided configs
|
||||
|
@ -99,7 +101,7 @@ func New(cfgs ...*aws.Config) *Session {
|
|||
return s
|
||||
}
|
||||
|
||||
s := deprecatedNewSession(cfgs...)
|
||||
s := deprecatedNewSession(envCfg, cfgs...)
|
||||
if envErr != nil {
|
||||
msg := "failed to load env config"
|
||||
s.logDeprecatedNewSessionError(msg, envErr, cfgs)
|
||||
|
@ -243,6 +245,23 @@ type Options struct {
|
|||
// function to initialize this value before changing the handlers to be
|
||||
// used by the SDK.
|
||||
Handlers request.Handlers
|
||||
|
||||
// Allows specifying a custom endpoint to be used by the EC2 IMDS client
|
||||
// when making requests to the EC2 IMDS API. The must endpoint value must
|
||||
// include protocol prefix.
|
||||
//
|
||||
// If unset, will the EC2 IMDS client will use its default endpoint.
|
||||
//
|
||||
// Can also be specified via the environment variable,
|
||||
// AWS_EC2_METADATA_SERVICE_ENDPOINT.
|
||||
//
|
||||
// AWS_EC2_METADATA_SERVICE_ENDPOINT=http://169.254.169.254
|
||||
//
|
||||
// If using an URL with an IPv6 address literal, the IPv6 address
|
||||
// component must be enclosed in square brackets.
|
||||
//
|
||||
// AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1]
|
||||
EC2IMDSEndpoint string
|
||||
}
|
||||
|
||||
// NewSessionWithOptions returns a new Session created from SDK defaults, config files,
|
||||
|
@ -329,7 +348,25 @@ func Must(sess *Session, err error) *Session {
|
|||
return sess
|
||||
}
|
||||
|
||||
func deprecatedNewSession(cfgs ...*aws.Config) *Session {
|
||||
// Wraps the endpoint resolver with a resolver that will return a custom
|
||||
// endpoint for EC2 IMDS.
|
||||
func wrapEC2IMDSEndpoint(resolver endpoints.Resolver, endpoint string) endpoints.Resolver {
|
||||
return endpoints.ResolverFunc(
|
||||
func(service, region string, opts ...func(*endpoints.Options)) (
|
||||
endpoints.ResolvedEndpoint, error,
|
||||
) {
|
||||
if service == ec2MetadataServiceID {
|
||||
return endpoints.ResolvedEndpoint{
|
||||
URL: endpoint,
|
||||
SigningName: ec2MetadataServiceID,
|
||||
SigningRegion: region,
|
||||
}, nil
|
||||
}
|
||||
return resolver.EndpointFor(service, region)
|
||||
})
|
||||
}
|
||||
|
||||
func deprecatedNewSession(envCfg envConfig, cfgs ...*aws.Config) *Session {
|
||||
cfg := defaults.Config()
|
||||
handlers := defaults.Handlers()
|
||||
|
||||
|
@ -341,6 +378,11 @@ func deprecatedNewSession(cfgs ...*aws.Config) *Session {
|
|||
// endpoints for service client configurations.
|
||||
cfg.EndpointResolver = endpoints.DefaultResolver()
|
||||
}
|
||||
|
||||
if len(envCfg.EC2IMDSEndpoint) != 0 {
|
||||
cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, envCfg.EC2IMDSEndpoint)
|
||||
}
|
||||
|
||||
cfg.Credentials = defaults.CredChain(cfg, handlers)
|
||||
|
||||
// Reapply any passed in configs to override credentials if set
|
||||
|
@ -349,6 +391,9 @@ func deprecatedNewSession(cfgs ...*aws.Config) *Session {
|
|||
s := &Session{
|
||||
Config: cfg,
|
||||
Handlers: handlers,
|
||||
options: Options{
|
||||
EC2IMDSEndpoint: envCfg.EC2IMDSEndpoint,
|
||||
},
|
||||
}
|
||||
|
||||
initHandlers(s)
|
||||
|
@ -418,6 +463,7 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session,
|
|||
s := &Session{
|
||||
Config: cfg,
|
||||
Handlers: handlers,
|
||||
options: opts,
|
||||
}
|
||||
|
||||
initHandlers(s)
|
||||
|
@ -570,6 +616,14 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config,
|
|||
endpoints.LegacyS3UsEast1Endpoint,
|
||||
})
|
||||
|
||||
ec2IMDSEndpoint := sessOpts.EC2IMDSEndpoint
|
||||
if len(ec2IMDSEndpoint) == 0 {
|
||||
ec2IMDSEndpoint = envCfg.EC2IMDSEndpoint
|
||||
}
|
||||
if len(ec2IMDSEndpoint) != 0 {
|
||||
cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, ec2IMDSEndpoint)
|
||||
}
|
||||
|
||||
// Configure credentials if not already set by the user when creating the
|
||||
// Session.
|
||||
if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil {
|
||||
|
@ -627,6 +681,7 @@ func (s *Session) Copy(cfgs ...*aws.Config) *Session {
|
|||
newSession := &Session{
|
||||
Config: s.Config.Copy(cfgs...),
|
||||
Handlers: s.Handlers.Copy(),
|
||||
options: s.options,
|
||||
}
|
||||
|
||||
initHandlers(newSession)
|
||||
|
@ -665,6 +720,8 @@ func (s *Session) ClientConfig(service string, cfgs ...*aws.Config) client.Confi
|
|||
}
|
||||
}
|
||||
|
||||
const ec2MetadataServiceID = "ec2metadata"
|
||||
|
||||
func (s *Session) resolveEndpoint(service, region string, cfg *aws.Config) (endpoints.ResolvedEndpoint, error) {
|
||||
|
||||
if ep := aws.StringValue(cfg.Endpoint); len(ep) != 0 {
|
||||
|
|
|
@ -239,3 +239,26 @@ func (es errors) Error() string {
|
|||
|
||||
return strings.Join(parts, "\n")
|
||||
}
|
||||
|
||||
// CopySeekableBody copies the seekable body to an io.Writer
|
||||
func CopySeekableBody(dst io.Writer, src io.ReadSeeker) (int64, error) {
|
||||
curPos, err := src.Seek(0, sdkio.SeekCurrent)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
|
||||
// copy errors may be assumed to be from the body.
|
||||
n, err := io.Copy(dst, src)
|
||||
if err != nil {
|
||||
return n, err
|
||||
}
|
||||
|
||||
// seek back to the first position after reading to reset
|
||||
// the body for transmission.
|
||||
_, err = src.Seek(curPos, sdkio.SeekStart)
|
||||
if err != nil {
|
||||
return n, err
|
||||
}
|
||||
|
||||
return n, nil
|
||||
}
|
||||
|
|
|
@ -5,4 +5,4 @@ package aws
|
|||
const SDKName = "aws-sdk-go"
|
||||
|
||||
// SDKVersion is the version of this SDK
|
||||
const SDKVersion = "1.30.8"
|
||||
const SDKVersion = "1.34.26"
|
||||
|
|
|
@ -0,0 +1,53 @@
|
|||
package checksum
|
||||
|
||||
import (
|
||||
"crypto/md5"
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
)
|
||||
|
||||
const contentMD5Header = "Content-Md5"
|
||||
|
||||
// AddBodyContentMD5Handler computes and sets the HTTP Content-MD5 header for requests that
|
||||
// require it.
|
||||
func AddBodyContentMD5Handler(r *request.Request) {
|
||||
// if Content-MD5 header is already present, return
|
||||
if v := r.HTTPRequest.Header.Get(contentMD5Header); len(v) != 0 {
|
||||
return
|
||||
}
|
||||
|
||||
// if S3DisableContentMD5Validation flag is set, return
|
||||
if aws.BoolValue(r.Config.S3DisableContentMD5Validation) {
|
||||
return
|
||||
}
|
||||
|
||||
// if request is presigned, return
|
||||
if r.IsPresigned() {
|
||||
return
|
||||
}
|
||||
|
||||
// if body is not seekable, return
|
||||
if !aws.IsReaderSeekable(r.Body) {
|
||||
if r.Config.Logger != nil {
|
||||
r.Config.Logger.Log(fmt.Sprintf(
|
||||
"Unable to compute Content-MD5 for unseekable body, S3.%s",
|
||||
r.Operation.Name))
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
h := md5.New()
|
||||
|
||||
if _, err := aws.CopySeekableBody(h, r.Body); err != nil {
|
||||
r.Error = awserr.New("ContentMD5", "failed to compute body MD5", err)
|
||||
return
|
||||
}
|
||||
|
||||
// encode the md5 checksum in base64 and set the request header.
|
||||
v := base64.StdEncoding.EncodeToString(h.Sum(nil))
|
||||
r.HTTPRequest.Header.Set(contentMD5Header, v)
|
||||
}
|
15
vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/reader.go
generated
vendored
15
vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/reader.go
generated
vendored
|
@ -69,10 +69,23 @@ func (r *EventReader) ReadEvent() (event interface{}, err error) {
|
|||
case ErrorMessageType:
|
||||
return nil, r.unmarshalErrorMessage(msg)
|
||||
default:
|
||||
return nil, fmt.Errorf("unknown eventstream message type, %v", typ)
|
||||
return nil, &UnknownMessageTypeError{
|
||||
Type: typ, Message: msg.Clone(),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// UnknownMessageTypeError provides an error when a message is received from
|
||||
// the stream, but the reader is unable to determine what kind of message it is.
|
||||
type UnknownMessageTypeError struct {
|
||||
Type string
|
||||
Message eventstream.Message
|
||||
}
|
||||
|
||||
func (e *UnknownMessageTypeError) Error() string {
|
||||
return "unknown eventstream message type, " + e.Type
|
||||
}
|
||||
|
||||
func (r *EventReader) unmarshalEventMessage(
|
||||
msg eventstream.Message,
|
||||
) (event interface{}, err error) {
|
||||
|
|
|
@ -52,6 +52,15 @@ func (hs *Headers) Del(name string) {
|
|||
}
|
||||
}
|
||||
|
||||
// Clone returns a deep copy of the headers
|
||||
func (hs Headers) Clone() Headers {
|
||||
o := make(Headers, 0, len(hs))
|
||||
for _, h := range hs {
|
||||
o.Set(h.Name, h.Value)
|
||||
}
|
||||
return o
|
||||
}
|
||||
|
||||
func decodeHeaders(r io.Reader) (Headers, error) {
|
||||
hs := Headers{}
|
||||
|
||||
|
|
|
@ -57,6 +57,20 @@ func (m *Message) rawMessage() (rawMessage, error) {
|
|||
return raw, nil
|
||||
}
|
||||
|
||||
// Clone returns a deep copy of the message.
|
||||
func (m Message) Clone() Message {
|
||||
var payload []byte
|
||||
if m.Payload != nil {
|
||||
payload = make([]byte, len(m.Payload))
|
||||
copy(payload, m.Payload)
|
||||
}
|
||||
|
||||
return Message{
|
||||
Headers: m.Headers.Clone(),
|
||||
Payload: payload,
|
||||
}
|
||||
}
|
||||
|
||||
type messagePrelude struct {
|
||||
Length uint32
|
||||
HeadersLen uint32
|
||||
|
|
|
@ -6,6 +6,7 @@ import (
|
|||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"math/big"
|
||||
"reflect"
|
||||
"strings"
|
||||
"time"
|
||||
|
@ -15,6 +16,8 @@ import (
|
|||
"github.com/aws/aws-sdk-go/private/protocol"
|
||||
)
|
||||
|
||||
var millisecondsFloat = new(big.Float).SetInt64(1e3)
|
||||
|
||||
// UnmarshalJSONError unmarshal's the reader's JSON document into the passed in
|
||||
// type. The value to unmarshal the json document into must be a pointer to the
|
||||
// type.
|
||||
|
@ -39,7 +42,9 @@ func UnmarshalJSONError(v interface{}, stream io.Reader) error {
|
|||
func UnmarshalJSON(v interface{}, stream io.Reader) error {
|
||||
var out interface{}
|
||||
|
||||
err := json.NewDecoder(stream).Decode(&out)
|
||||
decoder := json.NewDecoder(stream)
|
||||
decoder.UseNumber()
|
||||
err := decoder.Decode(&out)
|
||||
if err == io.EOF {
|
||||
return nil
|
||||
} else if err != nil {
|
||||
|
@ -54,7 +59,9 @@ func UnmarshalJSON(v interface{}, stream io.Reader) error {
|
|||
func UnmarshalJSONCaseInsensitive(v interface{}, stream io.Reader) error {
|
||||
var out interface{}
|
||||
|
||||
err := json.NewDecoder(stream).Decode(&out)
|
||||
decoder := json.NewDecoder(stream)
|
||||
decoder.UseNumber()
|
||||
err := decoder.Decode(&out)
|
||||
if err == io.EOF {
|
||||
return nil
|
||||
} else if err != nil {
|
||||
|
@ -254,16 +261,31 @@ func (u unmarshaler) unmarshalScalar(value reflect.Value, data interface{}, tag
|
|||
default:
|
||||
return fmt.Errorf("unsupported value: %v (%s)", value.Interface(), value.Type())
|
||||
}
|
||||
case float64:
|
||||
case json.Number:
|
||||
switch value.Interface().(type) {
|
||||
case *int64:
|
||||
di := int64(d)
|
||||
// Retain the old behavior where we would just truncate the float64
|
||||
// calling d.Int64() here could cause an invalid syntax error due to the usage of strconv.ParseInt
|
||||
f, err := d.Float64()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
di := int64(f)
|
||||
value.Set(reflect.ValueOf(&di))
|
||||
case *float64:
|
||||
value.Set(reflect.ValueOf(&d))
|
||||
f, err := d.Float64()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
value.Set(reflect.ValueOf(&f))
|
||||
case *time.Time:
|
||||
// Time unmarshaled from a float64 can only be epoch seconds
|
||||
t := time.Unix(int64(d), 0).UTC()
|
||||
float, ok := new(big.Float).SetString(d.String())
|
||||
if !ok {
|
||||
return fmt.Errorf("unsupported float time representation: %v", d.String())
|
||||
}
|
||||
float = float.Mul(float, millisecondsFloat)
|
||||
ms, _ := float.Int64()
|
||||
t := time.Unix(0, ms*1e6).UTC()
|
||||
value.Set(reflect.ValueOf(&t))
|
||||
default:
|
||||
return fmt.Errorf("unsupported value: %v (%s)", value.Interface(), value.Type())
|
||||
|
|
|
@ -27,8 +27,8 @@ const (
|
|||
// RFC3339 a subset of the ISO8601 timestamp format. e.g 2014-04-29T18:30:38Z
|
||||
ISO8601TimeFormat = "2006-01-02T15:04:05.999999999Z"
|
||||
|
||||
// This format is used for output time without seconds precision
|
||||
ISO8601OutputTimeFormat = "2006-01-02T15:04:05Z"
|
||||
// This format is used for output time with fractional second precision up to milliseconds
|
||||
ISO8601OutputTimeFormat = "2006-01-02T15:04:05.999999999Z"
|
||||
)
|
||||
|
||||
// IsKnownTimestampFormat returns if the timestamp format name
|
||||
|
@ -48,7 +48,7 @@ func IsKnownTimestampFormat(name string) bool {
|
|||
|
||||
// FormatTime returns a string value of the time.
|
||||
func FormatTime(name string, t time.Time) string {
|
||||
t = t.UTC()
|
||||
t = t.UTC().Truncate(time.Millisecond)
|
||||
|
||||
switch name {
|
||||
case RFC822TimeFormatName:
|
||||
|
@ -56,7 +56,8 @@ func FormatTime(name string, t time.Time) string {
|
|||
case ISO8601TimeFormatName:
|
||||
return t.Format(ISO8601OutputTimeFormat)
|
||||
case UnixTimeFormatName:
|
||||
return strconv.FormatInt(t.Unix(), 10)
|
||||
ms := t.UnixNano() / int64(time.Millisecond)
|
||||
return strconv.FormatFloat(float64(ms)/1e3, 'f', -1, 64)
|
||||
default:
|
||||
panic("unknown timestamp format name, " + name)
|
||||
}
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -26,8 +26,12 @@ func init() {
|
|||
|
||||
// only set the retryer on request if config doesn't have a retryer
|
||||
if r.Config.Retryer == nil && (r.Operation.Name == opModifyNetworkInterfaceAttribute || r.Operation.Name == opAssignPrivateIpAddresses) {
|
||||
maxRetries := client.DefaultRetryerMaxNumRetries
|
||||
if m := r.Config.MaxRetries; m != nil && *m != aws.UseServiceDefaultRetries {
|
||||
maxRetries = *m
|
||||
}
|
||||
r.Retryer = client.DefaultRetryer{
|
||||
NumMaxRetries: client.DefaultRetryerMaxNumRetries,
|
||||
NumMaxRetries: maxRetries,
|
||||
MinRetryDelay: customRetryerMinRetryDelay,
|
||||
MinThrottleDelay: customRetryerMinRetryDelay,
|
||||
MaxRetryDelay: customRetryerMaxRetryDelay,
|
||||
|
|
|
@ -228,6 +228,10 @@ type EC2API interface {
|
|||
CreateCapacityReservationWithContext(aws.Context, *ec2.CreateCapacityReservationInput, ...request.Option) (*ec2.CreateCapacityReservationOutput, error)
|
||||
CreateCapacityReservationRequest(*ec2.CreateCapacityReservationInput) (*request.Request, *ec2.CreateCapacityReservationOutput)
|
||||
|
||||
CreateCarrierGateway(*ec2.CreateCarrierGatewayInput) (*ec2.CreateCarrierGatewayOutput, error)
|
||||
CreateCarrierGatewayWithContext(aws.Context, *ec2.CreateCarrierGatewayInput, ...request.Option) (*ec2.CreateCarrierGatewayOutput, error)
|
||||
CreateCarrierGatewayRequest(*ec2.CreateCarrierGatewayInput) (*request.Request, *ec2.CreateCarrierGatewayOutput)
|
||||
|
||||
CreateClientVpnEndpoint(*ec2.CreateClientVpnEndpointInput) (*ec2.CreateClientVpnEndpointOutput, error)
|
||||
CreateClientVpnEndpointWithContext(aws.Context, *ec2.CreateClientVpnEndpointInput, ...request.Option) (*ec2.CreateClientVpnEndpointOutput, error)
|
||||
CreateClientVpnEndpointRequest(*ec2.CreateClientVpnEndpointInput) (*request.Request, *ec2.CreateClientVpnEndpointOutput)
|
||||
|
@ -300,6 +304,10 @@ type EC2API interface {
|
|||
CreateLocalGatewayRouteTableVpcAssociationWithContext(aws.Context, *ec2.CreateLocalGatewayRouteTableVpcAssociationInput, ...request.Option) (*ec2.CreateLocalGatewayRouteTableVpcAssociationOutput, error)
|
||||
CreateLocalGatewayRouteTableVpcAssociationRequest(*ec2.CreateLocalGatewayRouteTableVpcAssociationInput) (*request.Request, *ec2.CreateLocalGatewayRouteTableVpcAssociationOutput)
|
||||
|
||||
CreateManagedPrefixList(*ec2.CreateManagedPrefixListInput) (*ec2.CreateManagedPrefixListOutput, error)
|
||||
CreateManagedPrefixListWithContext(aws.Context, *ec2.CreateManagedPrefixListInput, ...request.Option) (*ec2.CreateManagedPrefixListOutput, error)
|
||||
CreateManagedPrefixListRequest(*ec2.CreateManagedPrefixListInput) (*request.Request, *ec2.CreateManagedPrefixListOutput)
|
||||
|
||||
CreateNatGateway(*ec2.CreateNatGatewayInput) (*ec2.CreateNatGatewayOutput, error)
|
||||
CreateNatGatewayWithContext(aws.Context, *ec2.CreateNatGatewayInput, ...request.Option) (*ec2.CreateNatGatewayOutput, error)
|
||||
CreateNatGatewayRequest(*ec2.CreateNatGatewayInput) (*request.Request, *ec2.CreateNatGatewayOutput)
|
||||
|
@ -388,6 +396,10 @@ type EC2API interface {
|
|||
CreateTransitGatewayPeeringAttachmentWithContext(aws.Context, *ec2.CreateTransitGatewayPeeringAttachmentInput, ...request.Option) (*ec2.CreateTransitGatewayPeeringAttachmentOutput, error)
|
||||
CreateTransitGatewayPeeringAttachmentRequest(*ec2.CreateTransitGatewayPeeringAttachmentInput) (*request.Request, *ec2.CreateTransitGatewayPeeringAttachmentOutput)
|
||||
|
||||
CreateTransitGatewayPrefixListReference(*ec2.CreateTransitGatewayPrefixListReferenceInput) (*ec2.CreateTransitGatewayPrefixListReferenceOutput, error)
|
||||
CreateTransitGatewayPrefixListReferenceWithContext(aws.Context, *ec2.CreateTransitGatewayPrefixListReferenceInput, ...request.Option) (*ec2.CreateTransitGatewayPrefixListReferenceOutput, error)
|
||||
CreateTransitGatewayPrefixListReferenceRequest(*ec2.CreateTransitGatewayPrefixListReferenceInput) (*request.Request, *ec2.CreateTransitGatewayPrefixListReferenceOutput)
|
||||
|
||||
CreateTransitGatewayRoute(*ec2.CreateTransitGatewayRouteInput) (*ec2.CreateTransitGatewayRouteOutput, error)
|
||||
CreateTransitGatewayRouteWithContext(aws.Context, *ec2.CreateTransitGatewayRouteInput, ...request.Option) (*ec2.CreateTransitGatewayRouteOutput, error)
|
||||
CreateTransitGatewayRouteRequest(*ec2.CreateTransitGatewayRouteInput) (*request.Request, *ec2.CreateTransitGatewayRouteOutput)
|
||||
|
@ -436,6 +448,10 @@ type EC2API interface {
|
|||
CreateVpnGatewayWithContext(aws.Context, *ec2.CreateVpnGatewayInput, ...request.Option) (*ec2.CreateVpnGatewayOutput, error)
|
||||
CreateVpnGatewayRequest(*ec2.CreateVpnGatewayInput) (*request.Request, *ec2.CreateVpnGatewayOutput)
|
||||
|
||||
DeleteCarrierGateway(*ec2.DeleteCarrierGatewayInput) (*ec2.DeleteCarrierGatewayOutput, error)
|
||||
DeleteCarrierGatewayWithContext(aws.Context, *ec2.DeleteCarrierGatewayInput, ...request.Option) (*ec2.DeleteCarrierGatewayOutput, error)
|
||||
DeleteCarrierGatewayRequest(*ec2.DeleteCarrierGatewayInput) (*request.Request, *ec2.DeleteCarrierGatewayOutput)
|
||||
|
||||
DeleteClientVpnEndpoint(*ec2.DeleteClientVpnEndpointInput) (*ec2.DeleteClientVpnEndpointOutput, error)
|
||||
DeleteClientVpnEndpointWithContext(aws.Context, *ec2.DeleteClientVpnEndpointInput, ...request.Option) (*ec2.DeleteClientVpnEndpointOutput, error)
|
||||
DeleteClientVpnEndpointRequest(*ec2.DeleteClientVpnEndpointInput) (*request.Request, *ec2.DeleteClientVpnEndpointOutput)
|
||||
|
@ -492,6 +508,10 @@ type EC2API interface {
|
|||
DeleteLocalGatewayRouteTableVpcAssociationWithContext(aws.Context, *ec2.DeleteLocalGatewayRouteTableVpcAssociationInput, ...request.Option) (*ec2.DeleteLocalGatewayRouteTableVpcAssociationOutput, error)
|
||||
DeleteLocalGatewayRouteTableVpcAssociationRequest(*ec2.DeleteLocalGatewayRouteTableVpcAssociationInput) (*request.Request, *ec2.DeleteLocalGatewayRouteTableVpcAssociationOutput)
|
||||
|
||||
DeleteManagedPrefixList(*ec2.DeleteManagedPrefixListInput) (*ec2.DeleteManagedPrefixListOutput, error)
|
||||
DeleteManagedPrefixListWithContext(aws.Context, *ec2.DeleteManagedPrefixListInput, ...request.Option) (*ec2.DeleteManagedPrefixListOutput, error)
|
||||
DeleteManagedPrefixListRequest(*ec2.DeleteManagedPrefixListInput) (*request.Request, *ec2.DeleteManagedPrefixListOutput)
|
||||
|
||||
DeleteNatGateway(*ec2.DeleteNatGatewayInput) (*ec2.DeleteNatGatewayOutput, error)
|
||||
DeleteNatGatewayWithContext(aws.Context, *ec2.DeleteNatGatewayInput, ...request.Option) (*ec2.DeleteNatGatewayOutput, error)
|
||||
DeleteNatGatewayRequest(*ec2.DeleteNatGatewayInput) (*request.Request, *ec2.DeleteNatGatewayOutput)
|
||||
|
@ -576,6 +596,10 @@ type EC2API interface {
|
|||
DeleteTransitGatewayPeeringAttachmentWithContext(aws.Context, *ec2.DeleteTransitGatewayPeeringAttachmentInput, ...request.Option) (*ec2.DeleteTransitGatewayPeeringAttachmentOutput, error)
|
||||
DeleteTransitGatewayPeeringAttachmentRequest(*ec2.DeleteTransitGatewayPeeringAttachmentInput) (*request.Request, *ec2.DeleteTransitGatewayPeeringAttachmentOutput)
|
||||
|
||||
DeleteTransitGatewayPrefixListReference(*ec2.DeleteTransitGatewayPrefixListReferenceInput) (*ec2.DeleteTransitGatewayPrefixListReferenceOutput, error)
|
||||
DeleteTransitGatewayPrefixListReferenceWithContext(aws.Context, *ec2.DeleteTransitGatewayPrefixListReferenceInput, ...request.Option) (*ec2.DeleteTransitGatewayPrefixListReferenceOutput, error)
|
||||
DeleteTransitGatewayPrefixListReferenceRequest(*ec2.DeleteTransitGatewayPrefixListReferenceInput) (*request.Request, *ec2.DeleteTransitGatewayPrefixListReferenceOutput)
|
||||
|
||||
DeleteTransitGatewayRoute(*ec2.DeleteTransitGatewayRouteInput) (*ec2.DeleteTransitGatewayRouteOutput, error)
|
||||
DeleteTransitGatewayRouteWithContext(aws.Context, *ec2.DeleteTransitGatewayRouteInput, ...request.Option) (*ec2.DeleteTransitGatewayRouteOutput, error)
|
||||
DeleteTransitGatewayRouteRequest(*ec2.DeleteTransitGatewayRouteInput) (*request.Request, *ec2.DeleteTransitGatewayRouteOutput)
|
||||
|
@ -678,6 +702,13 @@ type EC2API interface {
|
|||
DescribeCapacityReservationsPages(*ec2.DescribeCapacityReservationsInput, func(*ec2.DescribeCapacityReservationsOutput, bool) bool) error
|
||||
DescribeCapacityReservationsPagesWithContext(aws.Context, *ec2.DescribeCapacityReservationsInput, func(*ec2.DescribeCapacityReservationsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeCarrierGateways(*ec2.DescribeCarrierGatewaysInput) (*ec2.DescribeCarrierGatewaysOutput, error)
|
||||
DescribeCarrierGatewaysWithContext(aws.Context, *ec2.DescribeCarrierGatewaysInput, ...request.Option) (*ec2.DescribeCarrierGatewaysOutput, error)
|
||||
DescribeCarrierGatewaysRequest(*ec2.DescribeCarrierGatewaysInput) (*request.Request, *ec2.DescribeCarrierGatewaysOutput)
|
||||
|
||||
DescribeCarrierGatewaysPages(*ec2.DescribeCarrierGatewaysInput, func(*ec2.DescribeCarrierGatewaysOutput, bool) bool) error
|
||||
DescribeCarrierGatewaysPagesWithContext(aws.Context, *ec2.DescribeCarrierGatewaysInput, func(*ec2.DescribeCarrierGatewaysOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeClassicLinkInstances(*ec2.DescribeClassicLinkInstancesInput) (*ec2.DescribeClassicLinkInstancesOutput, error)
|
||||
DescribeClassicLinkInstancesWithContext(aws.Context, *ec2.DescribeClassicLinkInstancesInput, ...request.Option) (*ec2.DescribeClassicLinkInstancesOutput, error)
|
||||
DescribeClassicLinkInstancesRequest(*ec2.DescribeClassicLinkInstancesInput) (*request.Request, *ec2.DescribeClassicLinkInstancesOutput)
|
||||
|
@ -979,6 +1010,13 @@ type EC2API interface {
|
|||
DescribeLocalGatewaysPages(*ec2.DescribeLocalGatewaysInput, func(*ec2.DescribeLocalGatewaysOutput, bool) bool) error
|
||||
DescribeLocalGatewaysPagesWithContext(aws.Context, *ec2.DescribeLocalGatewaysInput, func(*ec2.DescribeLocalGatewaysOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeManagedPrefixLists(*ec2.DescribeManagedPrefixListsInput) (*ec2.DescribeManagedPrefixListsOutput, error)
|
||||
DescribeManagedPrefixListsWithContext(aws.Context, *ec2.DescribeManagedPrefixListsInput, ...request.Option) (*ec2.DescribeManagedPrefixListsOutput, error)
|
||||
DescribeManagedPrefixListsRequest(*ec2.DescribeManagedPrefixListsInput) (*request.Request, *ec2.DescribeManagedPrefixListsOutput)
|
||||
|
||||
DescribeManagedPrefixListsPages(*ec2.DescribeManagedPrefixListsInput, func(*ec2.DescribeManagedPrefixListsOutput, bool) bool) error
|
||||
DescribeManagedPrefixListsPagesWithContext(aws.Context, *ec2.DescribeManagedPrefixListsInput, func(*ec2.DescribeManagedPrefixListsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeMovingAddresses(*ec2.DescribeMovingAddressesInput) (*ec2.DescribeMovingAddressesOutput, error)
|
||||
DescribeMovingAddressesWithContext(aws.Context, *ec2.DescribeMovingAddressesInput, ...request.Option) (*ec2.DescribeMovingAddressesOutput, error)
|
||||
DescribeMovingAddressesRequest(*ec2.DescribeMovingAddressesInput) (*request.Request, *ec2.DescribeMovingAddressesOutput)
|
||||
|
@ -1485,6 +1523,13 @@ type EC2API interface {
|
|||
GetEbsEncryptionByDefaultWithContext(aws.Context, *ec2.GetEbsEncryptionByDefaultInput, ...request.Option) (*ec2.GetEbsEncryptionByDefaultOutput, error)
|
||||
GetEbsEncryptionByDefaultRequest(*ec2.GetEbsEncryptionByDefaultInput) (*request.Request, *ec2.GetEbsEncryptionByDefaultOutput)
|
||||
|
||||
GetGroupsForCapacityReservation(*ec2.GetGroupsForCapacityReservationInput) (*ec2.GetGroupsForCapacityReservationOutput, error)
|
||||
GetGroupsForCapacityReservationWithContext(aws.Context, *ec2.GetGroupsForCapacityReservationInput, ...request.Option) (*ec2.GetGroupsForCapacityReservationOutput, error)
|
||||
GetGroupsForCapacityReservationRequest(*ec2.GetGroupsForCapacityReservationInput) (*request.Request, *ec2.GetGroupsForCapacityReservationOutput)
|
||||
|
||||
GetGroupsForCapacityReservationPages(*ec2.GetGroupsForCapacityReservationInput, func(*ec2.GetGroupsForCapacityReservationOutput, bool) bool) error
|
||||
GetGroupsForCapacityReservationPagesWithContext(aws.Context, *ec2.GetGroupsForCapacityReservationInput, func(*ec2.GetGroupsForCapacityReservationOutput, bool) bool, ...request.Option) error
|
||||
|
||||
GetHostReservationPurchasePreview(*ec2.GetHostReservationPurchasePreviewInput) (*ec2.GetHostReservationPurchasePreviewOutput, error)
|
||||
GetHostReservationPurchasePreviewWithContext(aws.Context, *ec2.GetHostReservationPurchasePreviewInput, ...request.Option) (*ec2.GetHostReservationPurchasePreviewOutput, error)
|
||||
GetHostReservationPurchasePreviewRequest(*ec2.GetHostReservationPurchasePreviewInput) (*request.Request, *ec2.GetHostReservationPurchasePreviewOutput)
|
||||
|
@ -1493,6 +1538,20 @@ type EC2API interface {
|
|||
GetLaunchTemplateDataWithContext(aws.Context, *ec2.GetLaunchTemplateDataInput, ...request.Option) (*ec2.GetLaunchTemplateDataOutput, error)
|
||||
GetLaunchTemplateDataRequest(*ec2.GetLaunchTemplateDataInput) (*request.Request, *ec2.GetLaunchTemplateDataOutput)
|
||||
|
||||
GetManagedPrefixListAssociations(*ec2.GetManagedPrefixListAssociationsInput) (*ec2.GetManagedPrefixListAssociationsOutput, error)
|
||||
GetManagedPrefixListAssociationsWithContext(aws.Context, *ec2.GetManagedPrefixListAssociationsInput, ...request.Option) (*ec2.GetManagedPrefixListAssociationsOutput, error)
|
||||
GetManagedPrefixListAssociationsRequest(*ec2.GetManagedPrefixListAssociationsInput) (*request.Request, *ec2.GetManagedPrefixListAssociationsOutput)
|
||||
|
||||
GetManagedPrefixListAssociationsPages(*ec2.GetManagedPrefixListAssociationsInput, func(*ec2.GetManagedPrefixListAssociationsOutput, bool) bool) error
|
||||
GetManagedPrefixListAssociationsPagesWithContext(aws.Context, *ec2.GetManagedPrefixListAssociationsInput, func(*ec2.GetManagedPrefixListAssociationsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
GetManagedPrefixListEntries(*ec2.GetManagedPrefixListEntriesInput) (*ec2.GetManagedPrefixListEntriesOutput, error)
|
||||
GetManagedPrefixListEntriesWithContext(aws.Context, *ec2.GetManagedPrefixListEntriesInput, ...request.Option) (*ec2.GetManagedPrefixListEntriesOutput, error)
|
||||
GetManagedPrefixListEntriesRequest(*ec2.GetManagedPrefixListEntriesInput) (*request.Request, *ec2.GetManagedPrefixListEntriesOutput)
|
||||
|
||||
GetManagedPrefixListEntriesPages(*ec2.GetManagedPrefixListEntriesInput, func(*ec2.GetManagedPrefixListEntriesOutput, bool) bool) error
|
||||
GetManagedPrefixListEntriesPagesWithContext(aws.Context, *ec2.GetManagedPrefixListEntriesInput, func(*ec2.GetManagedPrefixListEntriesOutput, bool) bool, ...request.Option) error
|
||||
|
||||
GetPasswordData(*ec2.GetPasswordDataInput) (*ec2.GetPasswordDataOutput, error)
|
||||
GetPasswordDataWithContext(aws.Context, *ec2.GetPasswordDataInput, ...request.Option) (*ec2.GetPasswordDataOutput, error)
|
||||
GetPasswordDataRequest(*ec2.GetPasswordDataInput) (*request.Request, *ec2.GetPasswordDataOutput)
|
||||
|
@ -1515,6 +1574,13 @@ type EC2API interface {
|
|||
GetTransitGatewayMulticastDomainAssociationsPages(*ec2.GetTransitGatewayMulticastDomainAssociationsInput, func(*ec2.GetTransitGatewayMulticastDomainAssociationsOutput, bool) bool) error
|
||||
GetTransitGatewayMulticastDomainAssociationsPagesWithContext(aws.Context, *ec2.GetTransitGatewayMulticastDomainAssociationsInput, func(*ec2.GetTransitGatewayMulticastDomainAssociationsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
GetTransitGatewayPrefixListReferences(*ec2.GetTransitGatewayPrefixListReferencesInput) (*ec2.GetTransitGatewayPrefixListReferencesOutput, error)
|
||||
GetTransitGatewayPrefixListReferencesWithContext(aws.Context, *ec2.GetTransitGatewayPrefixListReferencesInput, ...request.Option) (*ec2.GetTransitGatewayPrefixListReferencesOutput, error)
|
||||
GetTransitGatewayPrefixListReferencesRequest(*ec2.GetTransitGatewayPrefixListReferencesInput) (*request.Request, *ec2.GetTransitGatewayPrefixListReferencesOutput)
|
||||
|
||||
GetTransitGatewayPrefixListReferencesPages(*ec2.GetTransitGatewayPrefixListReferencesInput, func(*ec2.GetTransitGatewayPrefixListReferencesOutput, bool) bool) error
|
||||
GetTransitGatewayPrefixListReferencesPagesWithContext(aws.Context, *ec2.GetTransitGatewayPrefixListReferencesInput, func(*ec2.GetTransitGatewayPrefixListReferencesOutput, bool) bool, ...request.Option) error
|
||||
|
||||
GetTransitGatewayRouteTableAssociations(*ec2.GetTransitGatewayRouteTableAssociationsInput) (*ec2.GetTransitGatewayRouteTableAssociationsOutput, error)
|
||||
GetTransitGatewayRouteTableAssociationsWithContext(aws.Context, *ec2.GetTransitGatewayRouteTableAssociationsInput, ...request.Option) (*ec2.GetTransitGatewayRouteTableAssociationsOutput, error)
|
||||
GetTransitGatewayRouteTableAssociationsRequest(*ec2.GetTransitGatewayRouteTableAssociationsInput) (*request.Request, *ec2.GetTransitGatewayRouteTableAssociationsOutput)
|
||||
|
@ -1625,6 +1691,10 @@ type EC2API interface {
|
|||
ModifyLaunchTemplateWithContext(aws.Context, *ec2.ModifyLaunchTemplateInput, ...request.Option) (*ec2.ModifyLaunchTemplateOutput, error)
|
||||
ModifyLaunchTemplateRequest(*ec2.ModifyLaunchTemplateInput) (*request.Request, *ec2.ModifyLaunchTemplateOutput)
|
||||
|
||||
ModifyManagedPrefixList(*ec2.ModifyManagedPrefixListInput) (*ec2.ModifyManagedPrefixListOutput, error)
|
||||
ModifyManagedPrefixListWithContext(aws.Context, *ec2.ModifyManagedPrefixListInput, ...request.Option) (*ec2.ModifyManagedPrefixListOutput, error)
|
||||
ModifyManagedPrefixListRequest(*ec2.ModifyManagedPrefixListInput) (*request.Request, *ec2.ModifyManagedPrefixListOutput)
|
||||
|
||||
ModifyNetworkInterfaceAttribute(*ec2.ModifyNetworkInterfaceAttributeInput) (*ec2.ModifyNetworkInterfaceAttributeOutput, error)
|
||||
ModifyNetworkInterfaceAttributeWithContext(aws.Context, *ec2.ModifyNetworkInterfaceAttributeInput, ...request.Option) (*ec2.ModifyNetworkInterfaceAttributeOutput, error)
|
||||
ModifyNetworkInterfaceAttributeRequest(*ec2.ModifyNetworkInterfaceAttributeInput) (*request.Request, *ec2.ModifyNetworkInterfaceAttributeOutput)
|
||||
|
@ -1657,6 +1727,14 @@ type EC2API interface {
|
|||
ModifyTrafficMirrorSessionWithContext(aws.Context, *ec2.ModifyTrafficMirrorSessionInput, ...request.Option) (*ec2.ModifyTrafficMirrorSessionOutput, error)
|
||||
ModifyTrafficMirrorSessionRequest(*ec2.ModifyTrafficMirrorSessionInput) (*request.Request, *ec2.ModifyTrafficMirrorSessionOutput)
|
||||
|
||||
ModifyTransitGateway(*ec2.ModifyTransitGatewayInput) (*ec2.ModifyTransitGatewayOutput, error)
|
||||
ModifyTransitGatewayWithContext(aws.Context, *ec2.ModifyTransitGatewayInput, ...request.Option) (*ec2.ModifyTransitGatewayOutput, error)
|
||||
ModifyTransitGatewayRequest(*ec2.ModifyTransitGatewayInput) (*request.Request, *ec2.ModifyTransitGatewayOutput)
|
||||
|
||||
ModifyTransitGatewayPrefixListReference(*ec2.ModifyTransitGatewayPrefixListReferenceInput) (*ec2.ModifyTransitGatewayPrefixListReferenceOutput, error)
|
||||
ModifyTransitGatewayPrefixListReferenceWithContext(aws.Context, *ec2.ModifyTransitGatewayPrefixListReferenceInput, ...request.Option) (*ec2.ModifyTransitGatewayPrefixListReferenceOutput, error)
|
||||
ModifyTransitGatewayPrefixListReferenceRequest(*ec2.ModifyTransitGatewayPrefixListReferenceInput) (*request.Request, *ec2.ModifyTransitGatewayPrefixListReferenceOutput)
|
||||
|
||||
ModifyTransitGatewayVpcAttachment(*ec2.ModifyTransitGatewayVpcAttachmentInput) (*ec2.ModifyTransitGatewayVpcAttachmentOutput, error)
|
||||
ModifyTransitGatewayVpcAttachmentWithContext(aws.Context, *ec2.ModifyTransitGatewayVpcAttachmentInput, ...request.Option) (*ec2.ModifyTransitGatewayVpcAttachmentOutput, error)
|
||||
ModifyTransitGatewayVpcAttachmentRequest(*ec2.ModifyTransitGatewayVpcAttachmentInput) (*request.Request, *ec2.ModifyTransitGatewayVpcAttachmentOutput)
|
||||
|
@ -1701,6 +1779,10 @@ type EC2API interface {
|
|||
ModifyVpnConnectionWithContext(aws.Context, *ec2.ModifyVpnConnectionInput, ...request.Option) (*ec2.ModifyVpnConnectionOutput, error)
|
||||
ModifyVpnConnectionRequest(*ec2.ModifyVpnConnectionInput) (*request.Request, *ec2.ModifyVpnConnectionOutput)
|
||||
|
||||
ModifyVpnConnectionOptions(*ec2.ModifyVpnConnectionOptionsInput) (*ec2.ModifyVpnConnectionOptionsOutput, error)
|
||||
ModifyVpnConnectionOptionsWithContext(aws.Context, *ec2.ModifyVpnConnectionOptionsInput, ...request.Option) (*ec2.ModifyVpnConnectionOptionsOutput, error)
|
||||
ModifyVpnConnectionOptionsRequest(*ec2.ModifyVpnConnectionOptionsInput) (*request.Request, *ec2.ModifyVpnConnectionOptionsOutput)
|
||||
|
||||
ModifyVpnTunnelCertificate(*ec2.ModifyVpnTunnelCertificateInput) (*ec2.ModifyVpnTunnelCertificateOutput, error)
|
||||
ModifyVpnTunnelCertificateWithContext(aws.Context, *ec2.ModifyVpnTunnelCertificateInput, ...request.Option) (*ec2.ModifyVpnTunnelCertificateOutput, error)
|
||||
ModifyVpnTunnelCertificateRequest(*ec2.ModifyVpnTunnelCertificateInput) (*request.Request, *ec2.ModifyVpnTunnelCertificateOutput)
|
||||
|
@ -1841,6 +1923,10 @@ type EC2API interface {
|
|||
RestoreAddressToClassicWithContext(aws.Context, *ec2.RestoreAddressToClassicInput, ...request.Option) (*ec2.RestoreAddressToClassicOutput, error)
|
||||
RestoreAddressToClassicRequest(*ec2.RestoreAddressToClassicInput) (*request.Request, *ec2.RestoreAddressToClassicOutput)
|
||||
|
||||
RestoreManagedPrefixListVersion(*ec2.RestoreManagedPrefixListVersionInput) (*ec2.RestoreManagedPrefixListVersionOutput, error)
|
||||
RestoreManagedPrefixListVersionWithContext(aws.Context, *ec2.RestoreManagedPrefixListVersionInput, ...request.Option) (*ec2.RestoreManagedPrefixListVersionOutput, error)
|
||||
RestoreManagedPrefixListVersionRequest(*ec2.RestoreManagedPrefixListVersionInput) (*request.Request, *ec2.RestoreManagedPrefixListVersionOutput)
|
||||
|
||||
RevokeClientVpnIngress(*ec2.RevokeClientVpnIngressInput) (*ec2.RevokeClientVpnIngressOutput, error)
|
||||
RevokeClientVpnIngressWithContext(aws.Context, *ec2.RevokeClientVpnIngressInput, ...request.Option) (*ec2.RevokeClientVpnIngressOutput, error)
|
||||
RevokeClientVpnIngressRequest(*ec2.RevokeClientVpnIngressInput) (*request.Request, *ec2.RevokeClientVpnIngressOutput)
|
||||
|
|
|
@ -60,14 +60,12 @@ func (c *ECR) BatchCheckLayerAvailabilityRequest(input *BatchCheckLayerAvailabil
|
|||
// Checks the availability of one or more image layers in a repository.
|
||||
//
|
||||
// When an image is pushed to a repository, each image layer is checked to verify
|
||||
// if it has been uploaded before. If it is, then the image layer is skipped.
|
||||
// if it has been uploaded before. If it has been uploaded, then the image layer
|
||||
// is skipped.
|
||||
//
|
||||
// When an image is pulled from a repository, each image layer is checked once
|
||||
// to verify it is available to be pulled.
|
||||
//
|
||||
// This operation is used by the Amazon ECR proxy, and it is not intended for
|
||||
// general use by customers for pulling and pushing images. In most cases, you
|
||||
// should use the docker CLI to pull, tag, and push images.
|
||||
// This operation is used by the Amazon ECR proxy and is not generally used
|
||||
// by customers for pulling and pushing images. In most cases, you should use
|
||||
// the docker CLI to pull, tag, and push images.
|
||||
//
|
||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||
// with awserr.Error's Code and Message methods to get detailed information about
|
||||
|
@ -347,9 +345,9 @@ func (c *ECR) CompleteLayerUploadRequest(input *CompleteLayerUploadInput) (req *
|
|||
// When an image is pushed, the CompleteLayerUpload API is called once per each
|
||||
// new image layer to verify that the upload has completed.
|
||||
//
|
||||
// This operation is used by the Amazon ECR proxy, and it is not intended for
|
||||
// general use by customers for pulling and pushing images. In most cases, you
|
||||
// should use the docker CLI to pull, tag, and push images.
|
||||
// This operation is used by the Amazon ECR proxy and is not generally used
|
||||
// by customers for pulling and pushing images. In most cases, you should use
|
||||
// the docker CLI to pull, tag, and push images.
|
||||
//
|
||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||
// with awserr.Error's Code and Message methods to get detailed information about
|
||||
|
@ -371,7 +369,7 @@ func (c *ECR) CompleteLayerUploadRequest(input *CompleteLayerUploadInput) (req *
|
|||
// repository and ensure that you are performing operations on the correct registry.
|
||||
//
|
||||
// * UploadNotFoundException
|
||||
// The upload could not be found, or the specified upload id is not valid for
|
||||
// The upload could not be found, or the specified upload ID is not valid for
|
||||
// this repository.
|
||||
//
|
||||
// * InvalidLayerException
|
||||
|
@ -387,6 +385,9 @@ func (c *ECR) CompleteLayerUploadRequest(input *CompleteLayerUploadInput) (req *
|
|||
// * EmptyUploadException
|
||||
// The specified layer upload does not contain any layer parts.
|
||||
//
|
||||
// * KmsException
|
||||
// The operation failed due to a KMS exception.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CompleteLayerUpload
|
||||
func (c *ECR) CompleteLayerUpload(input *CompleteLayerUploadInput) (*CompleteLayerUploadOutput, error) {
|
||||
req, out := c.CompleteLayerUploadRequest(input)
|
||||
|
@ -485,10 +486,12 @@ func (c *ECR) CreateRepositoryRequest(input *CreateRepositoryInput) (req *reques
|
|||
//
|
||||
// * LimitExceededException
|
||||
// The operation did not succeed because it would have exceeded a service limit
|
||||
// for your account. For more information, see Amazon ECR Default Service Limits
|
||||
// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html)
|
||||
// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html)
|
||||
// in the Amazon Elastic Container Registry User Guide.
|
||||
//
|
||||
// * KmsException
|
||||
// The operation failed due to a KMS exception.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CreateRepository
|
||||
func (c *ECR) CreateRepository(input *CreateRepositoryInput) (*CreateRepositoryOutput, error) {
|
||||
req, out := c.CreateRepositoryRequest(input)
|
||||
|
@ -672,6 +675,9 @@ func (c *ECR) DeleteRepositoryRequest(input *DeleteRepositoryInput) (req *reques
|
|||
// The specified repository contains images. To delete a repository that contains
|
||||
// images, you must force the deletion with the force parameter.
|
||||
//
|
||||
// * KmsException
|
||||
// The operation failed due to a KMS exception.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeleteRepository
|
||||
func (c *ECR) DeleteRepository(input *DeleteRepositoryInput) (*DeleteRepositoryOutput, error) {
|
||||
req, out := c.DeleteRepositoryRequest(input)
|
||||
|
@ -1375,11 +1381,11 @@ func (c *ECR) GetDownloadUrlForLayerRequest(input *GetDownloadUrlForLayerInput)
|
|||
// layer. You can only get URLs for image layers that are referenced in an image.
|
||||
//
|
||||
// When an image is pulled, the GetDownloadUrlForLayer API is called once per
|
||||
// image layer.
|
||||
// image layer that is not already cached.
|
||||
//
|
||||
// This operation is used by the Amazon ECR proxy, and it is not intended for
|
||||
// general use by customers for pulling and pushing images. In most cases, you
|
||||
// should use the docker CLI to pull, tag, and push images.
|
||||
// This operation is used by the Amazon ECR proxy and is not generally used
|
||||
// by customers for pulling and pushing images. In most cases, you should use
|
||||
// the docker CLI to pull, tag, and push images.
|
||||
//
|
||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||
// with awserr.Error's Code and Message methods to get detailed information about
|
||||
|
@ -1807,12 +1813,12 @@ func (c *ECR) InitiateLayerUploadRequest(input *InitiateLayerUploadInput) (req *
|
|||
// Notifies Amazon ECR that you intend to upload an image layer.
|
||||
//
|
||||
// When an image is pushed, the InitiateLayerUpload API is called once per image
|
||||
// layer that has not already been uploaded. Whether an image layer has been
|
||||
// uploaded before is determined by the BatchCheckLayerAvailability API action.
|
||||
// layer that has not already been uploaded. Whether or not an image layer has
|
||||
// been uploaded is determined by the BatchCheckLayerAvailability API action.
|
||||
//
|
||||
// This operation is used by the Amazon ECR proxy, and it is not intended for
|
||||
// general use by customers for pulling and pushing images. In most cases, you
|
||||
// should use the docker CLI to pull, tag, and push images.
|
||||
// This operation is used by the Amazon ECR proxy and is not generally used
|
||||
// by customers for pulling and pushing images. In most cases, you should use
|
||||
// the docker CLI to pull, tag, and push images.
|
||||
//
|
||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||
// with awserr.Error's Code and Message methods to get detailed information about
|
||||
|
@ -1833,6 +1839,9 @@ func (c *ECR) InitiateLayerUploadRequest(input *InitiateLayerUploadInput) (req *
|
|||
// The specified repository could not be found. Check the spelling of the specified
|
||||
// repository and ensure that you are performing operations on the correct registry.
|
||||
//
|
||||
// * KmsException
|
||||
// The operation failed due to a KMS exception.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/InitiateLayerUpload
|
||||
func (c *ECR) InitiateLayerUpload(input *InitiateLayerUploadInput) (*InitiateLayerUploadOutput, error) {
|
||||
req, out := c.InitiateLayerUploadRequest(input)
|
||||
|
@ -2141,12 +2150,12 @@ func (c *ECR) PutImageRequest(input *PutImageInput) (req *request.Request, outpu
|
|||
// Creates or updates the image manifest and tags associated with an image.
|
||||
//
|
||||
// When an image is pushed and all new image layers have been uploaded, the
|
||||
// PutImage API is called once to create or update the image manifest and tags
|
||||
// associated with the image.
|
||||
// PutImage API is called once to create or update the image manifest and the
|
||||
// tags associated with the image.
|
||||
//
|
||||
// This operation is used by the Amazon ECR proxy, and it is not intended for
|
||||
// general use by customers for pulling and pushing images. In most cases, you
|
||||
// should use the docker CLI to pull, tag, and push images.
|
||||
// This operation is used by the Amazon ECR proxy and is not generally used
|
||||
// by customers for pulling and pushing images. In most cases, you should use
|
||||
// the docker CLI to pull, tag, and push images.
|
||||
//
|
||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||
// with awserr.Error's Code and Message methods to get detailed information about
|
||||
|
@ -2175,16 +2184,25 @@ func (c *ECR) PutImageRequest(input *PutImageInput) (req *request.Request, outpu
|
|||
// The specified layers could not be found, or the specified layer is not valid
|
||||
// for this repository.
|
||||
//
|
||||
// * ReferencedImagesNotFoundException
|
||||
// The manifest list is referencing an image that does not exist.
|
||||
//
|
||||
// * LimitExceededException
|
||||
// The operation did not succeed because it would have exceeded a service limit
|
||||
// for your account. For more information, see Amazon ECR Default Service Limits
|
||||
// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html)
|
||||
// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html)
|
||||
// in the Amazon Elastic Container Registry User Guide.
|
||||
//
|
||||
// * ImageTagAlreadyExistsException
|
||||
// The specified image is tagged with a tag that already exists. The repository
|
||||
// is configured for tag immutability.
|
||||
//
|
||||
// * ImageDigestDoesNotMatchException
|
||||
// The specified image digest does not match the digest that Amazon ECR calculated
|
||||
// for the image.
|
||||
//
|
||||
// * KmsException
|
||||
// The operation failed due to a KMS exception.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutImage
|
||||
func (c *ECR) PutImage(input *PutImageInput) (*PutImageOutput, error) {
|
||||
req, out := c.PutImageRequest(input)
|
||||
|
@ -2516,7 +2534,7 @@ func (c *ECR) SetRepositoryPolicyRequest(input *SetRepositoryPolicyInput) (req *
|
|||
// SetRepositoryPolicy API operation for Amazon EC2 Container Registry.
|
||||
//
|
||||
// Applies a repository policy to the specified repository to control access
|
||||
// permissions. For more information, see Amazon ECR Repository Policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicies.html)
|
||||
// permissions. For more information, see Amazon ECR Repository Policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policies.html)
|
||||
// in the Amazon Elastic Container Registry User Guide.
|
||||
//
|
||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||
|
@ -2624,6 +2642,14 @@ func (c *ECR) StartImageScanRequest(input *StartImageScanInput) (req *request.Re
|
|||
// The specified parameter is invalid. Review the available parameters for the
|
||||
// API request.
|
||||
//
|
||||
// * UnsupportedImageTypeException
|
||||
// The image is of a type that cannot be scanned.
|
||||
//
|
||||
// * LimitExceededException
|
||||
// The operation did not succeed because it would have exceeded a service limit
|
||||
// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html)
|
||||
// in the Amazon Elastic Container Registry User Guide.
|
||||
//
|
||||
// * RepositoryNotFoundException
|
||||
// The specified repository could not be found. Check the spelling of the specified
|
||||
// repository and ensure that you are performing operations on the correct registry.
|
||||
|
@ -2724,8 +2750,8 @@ func (c *ECR) StartLifecyclePolicyPreviewRequest(input *StartLifecyclePolicyPrev
|
|||
// The lifecycle policy could not be found, and no policy is set to the repository.
|
||||
//
|
||||
// * LifecyclePolicyPreviewInProgressException
|
||||
// The previous lifecycle policy preview request has not completed. Please try
|
||||
// again later.
|
||||
// The previous lifecycle policy preview request has not completed. Wait and
|
||||
// try again.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/StartLifecyclePolicyPreview
|
||||
func (c *ECR) StartLifecyclePolicyPreview(input *StartLifecyclePolicyPreviewInput) (*StartLifecyclePolicyPreviewOutput, error) {
|
||||
|
@ -2994,9 +3020,9 @@ func (c *ECR) UploadLayerPartRequest(input *UploadLayerPartInput) (req *request.
|
|||
// size of each image layer part can be 20971520 bytes (or about 20MB). The
|
||||
// UploadLayerPart API is called once per each new image layer part.
|
||||
//
|
||||
// This operation is used by the Amazon ECR proxy, and it is not intended for
|
||||
// general use by customers for pulling and pushing images. In most cases, you
|
||||
// should use the docker CLI to pull, tag, and push images.
|
||||
// This operation is used by the Amazon ECR proxy and is not generally used
|
||||
// by customers for pulling and pushing images. In most cases, you should use
|
||||
// the docker CLI to pull, tag, and push images.
|
||||
//
|
||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||
// with awserr.Error's Code and Message methods to get detailed information about
|
||||
|
@ -3022,15 +3048,17 @@ func (c *ECR) UploadLayerPartRequest(input *UploadLayerPartInput) (req *request.
|
|||
// repository and ensure that you are performing operations on the correct registry.
|
||||
//
|
||||
// * UploadNotFoundException
|
||||
// The upload could not be found, or the specified upload id is not valid for
|
||||
// The upload could not be found, or the specified upload ID is not valid for
|
||||
// this repository.
|
||||
//
|
||||
// * LimitExceededException
|
||||
// The operation did not succeed because it would have exceeded a service limit
|
||||
// for your account. For more information, see Amazon ECR Default Service Limits
|
||||
// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html)
|
||||
// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html)
|
||||
// in the Amazon Elastic Container Registry User Guide.
|
||||
//
|
||||
// * KmsException
|
||||
// The operation failed due to a KMS exception.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UploadLayerPart
|
||||
func (c *ECR) UploadLayerPart(input *UploadLayerPartInput) (*UploadLayerPartOutput, error) {
|
||||
req, out := c.UploadLayerPartRequest(input)
|
||||
|
@ -3611,9 +3639,12 @@ func (s *CompleteLayerUploadOutput) SetUploadId(v string) *CompleteLayerUploadOu
|
|||
type CreateRepositoryInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// The image scanning configuration for the repository. This setting determines
|
||||
// whether images are scanned for known vulnerabilities after being pushed to
|
||||
// the repository.
|
||||
// The encryption configuration for the repository. This determines how the
|
||||
// contents of your repository are encrypted at rest.
|
||||
EncryptionConfiguration *EncryptionConfiguration `locationName:"encryptionConfiguration" type:"structure"`
|
||||
|
||||
// The image scanning configuration for the repository. This determines whether
|
||||
// images are scanned for known vulnerabilities after being pushed to the repository.
|
||||
ImageScanningConfiguration *ImageScanningConfiguration `locationName:"imageScanningConfiguration" type:"structure"`
|
||||
|
||||
// The tag mutability setting for the repository. If this parameter is omitted,
|
||||
|
@ -3655,6 +3686,11 @@ func (s *CreateRepositoryInput) Validate() error {
|
|||
if s.RepositoryName != nil && len(*s.RepositoryName) < 2 {
|
||||
invalidParams.Add(request.NewErrParamMinLen("RepositoryName", 2))
|
||||
}
|
||||
if s.EncryptionConfiguration != nil {
|
||||
if err := s.EncryptionConfiguration.Validate(); err != nil {
|
||||
invalidParams.AddNested("EncryptionConfiguration", err.(request.ErrInvalidParams))
|
||||
}
|
||||
}
|
||||
|
||||
if invalidParams.Len() > 0 {
|
||||
return invalidParams
|
||||
|
@ -3662,6 +3698,12 @@ func (s *CreateRepositoryInput) Validate() error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// SetEncryptionConfiguration sets the EncryptionConfiguration field's value.
|
||||
func (s *CreateRepositoryInput) SetEncryptionConfiguration(v *EncryptionConfiguration) *CreateRepositoryInput {
|
||||
s.EncryptionConfiguration = v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetImageScanningConfiguration sets the ImageScanningConfiguration field's value.
|
||||
func (s *CreateRepositoryInput) SetImageScanningConfiguration(v *ImageScanningConfiguration) *CreateRepositoryInput {
|
||||
s.ImageScanningConfiguration = v
|
||||
|
@ -4512,6 +4554,87 @@ func (s *EmptyUploadException) RequestID() string {
|
|||
return s.RespMetadata.RequestID
|
||||
}
|
||||
|
||||
// The encryption configuration for the repository. This determines how the
|
||||
// contents of your repository are encrypted at rest.
|
||||
//
|
||||
// By default, when no encryption configuration is set or the AES256 encryption
|
||||
// type is used, Amazon ECR uses server-side encryption with Amazon S3-managed
|
||||
// encryption keys which encrypts your data at rest using an AES-256 encryption
|
||||
// algorithm. This does not require any action on your part.
|
||||
//
|
||||
// For more control over the encryption of the contents of your repository,
|
||||
// you can use server-side encryption with customer master keys (CMKs) stored
|
||||
// in AWS Key Management Service (AWS KMS) to encrypt your images. For more
|
||||
// information, see Amazon ECR encryption at rest (https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html)
|
||||
// in the Amazon Elastic Container Registry User Guide.
|
||||
type EncryptionConfiguration struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// The encryption type to use.
|
||||
//
|
||||
// If you use the KMS encryption type, the contents of the repository will be
|
||||
// encrypted using server-side encryption with customer master keys (CMKs) stored
|
||||
// in AWS KMS. When you use AWS KMS to encrypt your data, you can either use
|
||||
// the default AWS managed CMK for Amazon ECR, or specify your own CMK, which
|
||||
// you already created. For more information, see Protecting Data Using Server-Side
|
||||
// Encryption with CMKs Stored in AWS Key Management Service (SSE-KMS) (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html)
|
||||
// in the Amazon Simple Storage Service Console Developer Guide..
|
||||
//
|
||||
// If you use the AES256 encryption type, Amazon ECR uses server-side encryption
|
||||
// with Amazon S3-managed encryption keys which encrypts the images in the repository
|
||||
// using an AES-256 encryption algorithm. For more information, see Protecting
|
||||
// Data Using Server-Side Encryption with Amazon S3-Managed Encryption Keys
|
||||
// (SSE-S3) (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html)
|
||||
// in the Amazon Simple Storage Service Console Developer Guide..
|
||||
//
|
||||
// EncryptionType is a required field
|
||||
EncryptionType *string `locationName:"encryptionType" type:"string" required:"true" enum:"EncryptionType"`
|
||||
|
||||
// If you use the KMS encryption type, specify the CMK to use for encryption.
|
||||
// The alias, key ID, or full ARN of the CMK can be specified. The key must
|
||||
// exist in the same Region as the repository. If no key is specified, the default
|
||||
// AWS managed CMK for Amazon ECR will be used.
|
||||
KmsKey *string `locationName:"kmsKey" min:"1" type:"string"`
|
||||
}
|
||||
|
||||
// String returns the string representation
|
||||
func (s EncryptionConfiguration) String() string {
|
||||
return awsutil.Prettify(s)
|
||||
}
|
||||
|
||||
// GoString returns the string representation
|
||||
func (s EncryptionConfiguration) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
// Validate inspects the fields of the type to determine if they are valid.
|
||||
func (s *EncryptionConfiguration) Validate() error {
|
||||
invalidParams := request.ErrInvalidParams{Context: "EncryptionConfiguration"}
|
||||
if s.EncryptionType == nil {
|
||||
invalidParams.Add(request.NewErrParamRequired("EncryptionType"))
|
||||
}
|
||||
if s.KmsKey != nil && len(*s.KmsKey) < 1 {
|
||||
invalidParams.Add(request.NewErrParamMinLen("KmsKey", 1))
|
||||
}
|
||||
|
||||
if invalidParams.Len() > 0 {
|
||||
return invalidParams
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetEncryptionType sets the EncryptionType field's value.
|
||||
func (s *EncryptionConfiguration) SetEncryptionType(v string) *EncryptionConfiguration {
|
||||
s.EncryptionType = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetKmsKey sets the KmsKey field's value.
|
||||
func (s *EncryptionConfiguration) SetKmsKey(v string) *EncryptionConfiguration {
|
||||
s.KmsKey = &v
|
||||
return s
|
||||
}
|
||||
|
||||
type GetAuthorizationTokenInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
|
@ -5070,6 +5193,9 @@ type Image struct {
|
|||
// The image manifest associated with the image.
|
||||
ImageManifest *string `locationName:"imageManifest" min:"1" type:"string"`
|
||||
|
||||
// The manifest media type of the image.
|
||||
ImageManifestMediaType *string `locationName:"imageManifestMediaType" type:"string"`
|
||||
|
||||
// The AWS account ID associated with the registry containing the image.
|
||||
RegistryId *string `locationName:"registryId" type:"string"`
|
||||
|
||||
|
@ -5099,6 +5225,12 @@ func (s *Image) SetImageManifest(v string) *Image {
|
|||
return s
|
||||
}
|
||||
|
||||
// SetImageManifestMediaType sets the ImageManifestMediaType field's value.
|
||||
func (s *Image) SetImageManifestMediaType(v string) *Image {
|
||||
s.ImageManifestMediaType = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetRegistryId sets the RegistryId field's value.
|
||||
func (s *Image) SetRegistryId(v string) *Image {
|
||||
s.RegistryId = &v
|
||||
|
@ -5173,9 +5305,15 @@ func (s *ImageAlreadyExistsException) RequestID() string {
|
|||
type ImageDetail struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// The artifact media type of the image.
|
||||
ArtifactMediaType *string `locationName:"artifactMediaType" type:"string"`
|
||||
|
||||
// The sha256 digest of the image manifest.
|
||||
ImageDigest *string `locationName:"imageDigest" type:"string"`
|
||||
|
||||
// The media type of the image manifest.
|
||||
ImageManifestMediaType *string `locationName:"imageManifestMediaType" type:"string"`
|
||||
|
||||
// The date and time, expressed in standard JavaScript date format, at which
|
||||
// the current image was pushed to the repository.
|
||||
ImagePushedAt *time.Time `locationName:"imagePushedAt" type:"timestamp"`
|
||||
|
@ -5188,6 +5326,9 @@ type ImageDetail struct {
|
|||
|
||||
// The size, in bytes, of the image in the repository.
|
||||
//
|
||||
// If the image is a manifest list, this will be the max size of all manifests
|
||||
// in the list.
|
||||
//
|
||||
// Beginning with Docker version 1.9, the Docker client compresses image layers
|
||||
// before pushing them to a V2 Docker registry. The output of the docker images
|
||||
// command shows the uncompressed image size, so it may return a larger image
|
||||
|
@ -5214,12 +5355,24 @@ func (s ImageDetail) GoString() string {
|
|||
return s.String()
|
||||
}
|
||||
|
||||
// SetArtifactMediaType sets the ArtifactMediaType field's value.
|
||||
func (s *ImageDetail) SetArtifactMediaType(v string) *ImageDetail {
|
||||
s.ArtifactMediaType = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetImageDigest sets the ImageDigest field's value.
|
||||
func (s *ImageDetail) SetImageDigest(v string) *ImageDetail {
|
||||
s.ImageDigest = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetImageManifestMediaType sets the ImageManifestMediaType field's value.
|
||||
func (s *ImageDetail) SetImageManifestMediaType(v string) *ImageDetail {
|
||||
s.ImageManifestMediaType = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetImagePushedAt sets the ImagePushedAt field's value.
|
||||
func (s *ImageDetail) SetImagePushedAt(v time.Time) *ImageDetail {
|
||||
s.ImagePushedAt = &v
|
||||
|
@ -5262,6 +5415,63 @@ func (s *ImageDetail) SetRepositoryName(v string) *ImageDetail {
|
|||
return s
|
||||
}
|
||||
|
||||
// The specified image digest does not match the digest that Amazon ECR calculated
|
||||
// for the image.
|
||||
type ImageDigestDoesNotMatchException struct {
|
||||
_ struct{} `type:"structure"`
|
||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||
|
||||
Message_ *string `locationName:"message" type:"string"`
|
||||
}
|
||||
|
||||
// String returns the string representation
|
||||
func (s ImageDigestDoesNotMatchException) String() string {
|
||||
return awsutil.Prettify(s)
|
||||
}
|
||||
|
||||
// GoString returns the string representation
|
||||
func (s ImageDigestDoesNotMatchException) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
func newErrorImageDigestDoesNotMatchException(v protocol.ResponseMetadata) error {
|
||||
return &ImageDigestDoesNotMatchException{
|
||||
RespMetadata: v,
|
||||
}
|
||||
}
|
||||
|
||||
// Code returns the exception type name.
|
||||
func (s *ImageDigestDoesNotMatchException) Code() string {
|
||||
return "ImageDigestDoesNotMatchException"
|
||||
}
|
||||
|
||||
// Message returns the exception's message.
|
||||
func (s *ImageDigestDoesNotMatchException) Message() string {
|
||||
if s.Message_ != nil {
|
||||
return *s.Message_
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
// OrigErr always returns nil, satisfies awserr.Error interface.
|
||||
func (s *ImageDigestDoesNotMatchException) OrigErr() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *ImageDigestDoesNotMatchException) Error() string {
|
||||
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
|
||||
}
|
||||
|
||||
// Status code returns the HTTP status code for the request's response error.
|
||||
func (s *ImageDigestDoesNotMatchException) StatusCode() int {
|
||||
return s.RespMetadata.StatusCode
|
||||
}
|
||||
|
||||
// RequestID returns the service's response RequestID for request.
|
||||
func (s *ImageDigestDoesNotMatchException) RequestID() string {
|
||||
return s.RespMetadata.RequestID
|
||||
}
|
||||
|
||||
// An object representing an Amazon ECR image failure.
|
||||
type ImageFailure struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
@ -6007,6 +6217,65 @@ func (s *InvalidTagParameterException) RequestID() string {
|
|||
return s.RespMetadata.RequestID
|
||||
}
|
||||
|
||||
// The operation failed due to a KMS exception.
|
||||
type KmsException struct {
|
||||
_ struct{} `type:"structure"`
|
||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||
|
||||
// The error code returned by AWS KMS.
|
||||
KmsError *string `locationName:"kmsError" type:"string"`
|
||||
|
||||
Message_ *string `locationName:"message" type:"string"`
|
||||
}
|
||||
|
||||
// String returns the string representation
|
||||
func (s KmsException) String() string {
|
||||
return awsutil.Prettify(s)
|
||||
}
|
||||
|
||||
// GoString returns the string representation
|
||||
func (s KmsException) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
func newErrorKmsException(v protocol.ResponseMetadata) error {
|
||||
return &KmsException{
|
||||
RespMetadata: v,
|
||||
}
|
||||
}
|
||||
|
||||
// Code returns the exception type name.
|
||||
func (s *KmsException) Code() string {
|
||||
return "KmsException"
|
||||
}
|
||||
|
||||
// Message returns the exception's message.
|
||||
func (s *KmsException) Message() string {
|
||||
if s.Message_ != nil {
|
||||
return *s.Message_
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
// OrigErr always returns nil, satisfies awserr.Error interface.
|
||||
func (s *KmsException) OrigErr() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *KmsException) Error() string {
|
||||
return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
|
||||
}
|
||||
|
||||
// Status code returns the HTTP status code for the request's response error.
|
||||
func (s *KmsException) StatusCode() int {
|
||||
return s.RespMetadata.StatusCode
|
||||
}
|
||||
|
||||
// RequestID returns the service's response RequestID for request.
|
||||
func (s *KmsException) RequestID() string {
|
||||
return s.RespMetadata.RequestID
|
||||
}
|
||||
|
||||
// An object representing an Amazon ECR image layer.
|
||||
type Layer struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
@ -6411,8 +6680,8 @@ func (s *LifecyclePolicyPreviewFilter) SetTagStatus(v string) *LifecyclePolicyPr
|
|||
return s
|
||||
}
|
||||
|
||||
// The previous lifecycle policy preview request has not completed. Please try
|
||||
// again later.
|
||||
// The previous lifecycle policy preview request has not completed. Wait and
|
||||
// try again.
|
||||
type LifecyclePolicyPreviewInProgressException struct {
|
||||
_ struct{} `type:"structure"`
|
||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||
|
@ -6634,8 +6903,7 @@ func (s *LifecyclePolicyRuleAction) SetType(v string) *LifecyclePolicyRuleAction
|
|||
}
|
||||
|
||||
// The operation did not succeed because it would have exceeded a service limit
|
||||
// for your account. For more information, see Amazon ECR Default Service Limits
|
||||
// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html)
|
||||
// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html)
|
||||
// in the Amazon Elastic Container Registry User Guide.
|
||||
type LimitExceededException struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
@ -6912,13 +7180,22 @@ func (s *ListTagsForResourceOutput) SetTags(v []*Tag) *ListTagsForResourceOutput
|
|||
type PutImageInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// The image digest of the image manifest corresponding to the image.
|
||||
ImageDigest *string `locationName:"imageDigest" type:"string"`
|
||||
|
||||
// The image manifest corresponding to the image to be uploaded.
|
||||
//
|
||||
// ImageManifest is a required field
|
||||
ImageManifest *string `locationName:"imageManifest" min:"1" type:"string" required:"true"`
|
||||
|
||||
// The media type of the image manifest. If you push an image manifest that
|
||||
// does not contain the mediaType field, you must specify the imageManifestMediaType
|
||||
// in the request.
|
||||
ImageManifestMediaType *string `locationName:"imageManifestMediaType" type:"string"`
|
||||
|
||||
// The tag to associate with the image. This parameter is required for images
|
||||
// that use the Docker Image Manifest V2 Schema 2 or OCI formats.
|
||||
// that use the Docker Image Manifest V2 Schema 2 or Open Container Initiative
|
||||
// (OCI) formats.
|
||||
ImageTag *string `locationName:"imageTag" min:"1" type:"string"`
|
||||
|
||||
// The AWS account ID associated with the registry that contains the repository
|
||||
|
@ -6967,12 +7244,24 @@ func (s *PutImageInput) Validate() error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// SetImageDigest sets the ImageDigest field's value.
|
||||
func (s *PutImageInput) SetImageDigest(v string) *PutImageInput {
|
||||
s.ImageDigest = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetImageManifest sets the ImageManifest field's value.
|
||||
func (s *PutImageInput) SetImageManifest(v string) *PutImageInput {
|
||||
s.ImageManifest = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetImageManifestMediaType sets the ImageManifestMediaType field's value.
|
||||
func (s *PutImageInput) SetImageManifestMediaType(v string) *PutImageInput {
|
||||
s.ImageManifestMediaType = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetImageTag sets the ImageTag field's value.
|
||||
func (s *PutImageInput) SetImageTag(v string) *PutImageInput {
|
||||
s.ImageTag = &v
|
||||
|
@ -7342,6 +7631,62 @@ func (s *PutLifecyclePolicyOutput) SetRepositoryName(v string) *PutLifecyclePoli
|
|||
return s
|
||||
}
|
||||
|
||||
// The manifest list is referencing an image that does not exist.
|
||||
type ReferencedImagesNotFoundException struct {
|
||||
_ struct{} `type:"structure"`
|
||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||
|
||||
Message_ *string `locationName:"message" type:"string"`
|
||||
}
|
||||
|
||||
// String returns the string representation
|
||||
func (s ReferencedImagesNotFoundException) String() string {
|
||||
return awsutil.Prettify(s)
|
||||
}
|
||||
|
||||
// GoString returns the string representation
|
||||
func (s ReferencedImagesNotFoundException) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
func newErrorReferencedImagesNotFoundException(v protocol.ResponseMetadata) error {
|
||||
return &ReferencedImagesNotFoundException{
|
||||
RespMetadata: v,
|
||||
}
|
||||
}
|
||||
|
||||
// Code returns the exception type name.
|
||||
func (s *ReferencedImagesNotFoundException) Code() string {
|
||||
return "ReferencedImagesNotFoundException"
|
||||
}
|
||||
|
||||
// Message returns the exception's message.
|
||||
func (s *ReferencedImagesNotFoundException) Message() string {
|
||||
if s.Message_ != nil {
|
||||
return *s.Message_
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
// OrigErr always returns nil, satisfies awserr.Error interface.
|
||||
func (s *ReferencedImagesNotFoundException) OrigErr() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *ReferencedImagesNotFoundException) Error() string {
|
||||
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
|
||||
}
|
||||
|
||||
// Status code returns the HTTP status code for the request's response error.
|
||||
func (s *ReferencedImagesNotFoundException) StatusCode() int {
|
||||
return s.RespMetadata.StatusCode
|
||||
}
|
||||
|
||||
// RequestID returns the service's response RequestID for request.
|
||||
func (s *ReferencedImagesNotFoundException) RequestID() string {
|
||||
return s.RespMetadata.RequestID
|
||||
}
|
||||
|
||||
// An object representing a repository.
|
||||
type Repository struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
@ -7349,6 +7694,10 @@ type Repository struct {
|
|||
// The date and time, in JavaScript date format, when the repository was created.
|
||||
CreatedAt *time.Time `locationName:"createdAt" type:"timestamp"`
|
||||
|
||||
// The encryption configuration for the repository. This determines how the
|
||||
// contents of your repository are encrypted at rest.
|
||||
EncryptionConfiguration *EncryptionConfiguration `locationName:"encryptionConfiguration" type:"structure"`
|
||||
|
||||
// The image scanning configuration for a repository.
|
||||
ImageScanningConfiguration *ImageScanningConfiguration `locationName:"imageScanningConfiguration" type:"structure"`
|
||||
|
||||
|
@ -7367,8 +7716,8 @@ type Repository struct {
|
|||
// The name of the repository.
|
||||
RepositoryName *string `locationName:"repositoryName" min:"2" type:"string"`
|
||||
|
||||
// The URI for the repository. You can use this URI for Docker push or pull
|
||||
// operations.
|
||||
// The URI for the repository. You can use this URI for container image push
|
||||
// and pull operations.
|
||||
RepositoryUri *string `locationName:"repositoryUri" type:"string"`
|
||||
}
|
||||
|
||||
|
@ -7388,6 +7737,12 @@ func (s *Repository) SetCreatedAt(v time.Time) *Repository {
|
|||
return s
|
||||
}
|
||||
|
||||
// SetEncryptionConfiguration sets the EncryptionConfiguration field's value.
|
||||
func (s *Repository) SetEncryptionConfiguration(v *EncryptionConfiguration) *Repository {
|
||||
s.EncryptionConfiguration = v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetImageScanningConfiguration sets the ImageScanningConfiguration field's value.
|
||||
func (s *Repository) SetImageScanningConfiguration(v *ImageScanningConfiguration) *Repository {
|
||||
s.ImageScanningConfiguration = v
|
||||
|
@ -7778,7 +8133,7 @@ type SetRepositoryPolicyInput struct {
|
|||
Force *bool `locationName:"force" type:"boolean"`
|
||||
|
||||
// The JSON repository policy text to apply to the repository. For more information,
|
||||
// see Amazon ECR Repository Policy Examples (https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html)
|
||||
// see Amazon ECR Repository Policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html)
|
||||
// in the Amazon Elastic Container Registry User Guide.
|
||||
//
|
||||
// PolicyText is a required field
|
||||
|
@ -8287,6 +8642,62 @@ func (s *TooManyTagsException) RequestID() string {
|
|||
return s.RespMetadata.RequestID
|
||||
}
|
||||
|
||||
// The image is of a type that cannot be scanned.
|
||||
type UnsupportedImageTypeException struct {
|
||||
_ struct{} `type:"structure"`
|
||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||
|
||||
Message_ *string `locationName:"message" type:"string"`
|
||||
}
|
||||
|
||||
// String returns the string representation
|
||||
func (s UnsupportedImageTypeException) String() string {
|
||||
return awsutil.Prettify(s)
|
||||
}
|
||||
|
||||
// GoString returns the string representation
|
||||
func (s UnsupportedImageTypeException) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
func newErrorUnsupportedImageTypeException(v protocol.ResponseMetadata) error {
|
||||
return &UnsupportedImageTypeException{
|
||||
RespMetadata: v,
|
||||
}
|
||||
}
|
||||
|
||||
// Code returns the exception type name.
|
||||
func (s *UnsupportedImageTypeException) Code() string {
|
||||
return "UnsupportedImageTypeException"
|
||||
}
|
||||
|
||||
// Message returns the exception's message.
|
||||
func (s *UnsupportedImageTypeException) Message() string {
|
||||
if s.Message_ != nil {
|
||||
return *s.Message_
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
// OrigErr always returns nil, satisfies awserr.Error interface.
|
||||
func (s *UnsupportedImageTypeException) OrigErr() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *UnsupportedImageTypeException) Error() string {
|
||||
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
|
||||
}
|
||||
|
||||
// Status code returns the HTTP status code for the request's response error.
|
||||
func (s *UnsupportedImageTypeException) StatusCode() int {
|
||||
return s.RespMetadata.StatusCode
|
||||
}
|
||||
|
||||
// RequestID returns the service's response RequestID for request.
|
||||
func (s *UnsupportedImageTypeException) RequestID() string {
|
||||
return s.RespMetadata.RequestID
|
||||
}
|
||||
|
||||
type UntagResourceInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
|
@ -8364,12 +8775,14 @@ type UploadLayerPartInput struct {
|
|||
// LayerPartBlob is a required field
|
||||
LayerPartBlob []byte `locationName:"layerPartBlob" type:"blob" required:"true"`
|
||||
|
||||
// The integer value of the first byte of the layer part.
|
||||
// The position of the first byte of the layer part witin the overall image
|
||||
// layer.
|
||||
//
|
||||
// PartFirstByte is a required field
|
||||
PartFirstByte *int64 `locationName:"partFirstByte" type:"long" required:"true"`
|
||||
|
||||
// The integer value of the last byte of the layer part.
|
||||
// The position of the last byte of the layer part within the overall image
|
||||
// layer.
|
||||
//
|
||||
// PartLastByte is a required field
|
||||
PartLastByte *int64 `locationName:"partLastByte" type:"long" required:"true"`
|
||||
|
@ -8514,7 +8927,7 @@ func (s *UploadLayerPartOutput) SetUploadId(v string) *UploadLayerPartOutput {
|
|||
return s
|
||||
}
|
||||
|
||||
// The upload could not be found, or the specified upload id is not valid for
|
||||
// The upload could not be found, or the specified upload ID is not valid for
|
||||
// this repository.
|
||||
type UploadNotFoundException struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
@ -8572,6 +8985,22 @@ func (s *UploadNotFoundException) RequestID() string {
|
|||
return s.RespMetadata.RequestID
|
||||
}
|
||||
|
||||
const (
|
||||
// EncryptionTypeAes256 is a EncryptionType enum value
|
||||
EncryptionTypeAes256 = "AES256"
|
||||
|
||||
// EncryptionTypeKms is a EncryptionType enum value
|
||||
EncryptionTypeKms = "KMS"
|
||||
)
|
||||
|
||||
// EncryptionType_Values returns all elements of the EncryptionType enum
|
||||
func EncryptionType_Values() []string {
|
||||
return []string{
|
||||
EncryptionTypeAes256,
|
||||
EncryptionTypeKms,
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// FindingSeverityInformational is a FindingSeverity enum value
|
||||
FindingSeverityInformational = "INFORMATIONAL"
|
||||
|
@ -8592,11 +9021,30 @@ const (
|
|||
FindingSeverityUndefined = "UNDEFINED"
|
||||
)
|
||||
|
||||
// FindingSeverity_Values returns all elements of the FindingSeverity enum
|
||||
func FindingSeverity_Values() []string {
|
||||
return []string{
|
||||
FindingSeverityInformational,
|
||||
FindingSeverityLow,
|
||||
FindingSeverityMedium,
|
||||
FindingSeverityHigh,
|
||||
FindingSeverityCritical,
|
||||
FindingSeverityUndefined,
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// ImageActionTypeExpire is a ImageActionType enum value
|
||||
ImageActionTypeExpire = "EXPIRE"
|
||||
)
|
||||
|
||||
// ImageActionType_Values returns all elements of the ImageActionType enum
|
||||
func ImageActionType_Values() []string {
|
||||
return []string{
|
||||
ImageActionTypeExpire,
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// ImageFailureCodeInvalidImageDigest is a ImageFailureCode enum value
|
||||
ImageFailureCodeInvalidImageDigest = "InvalidImageDigest"
|
||||
|
@ -8612,8 +9060,27 @@ const (
|
|||
|
||||
// ImageFailureCodeMissingDigestAndTag is a ImageFailureCode enum value
|
||||
ImageFailureCodeMissingDigestAndTag = "MissingDigestAndTag"
|
||||
|
||||
// ImageFailureCodeImageReferencedByManifestList is a ImageFailureCode enum value
|
||||
ImageFailureCodeImageReferencedByManifestList = "ImageReferencedByManifestList"
|
||||
|
||||
// ImageFailureCodeKmsError is a ImageFailureCode enum value
|
||||
ImageFailureCodeKmsError = "KmsError"
|
||||
)
|
||||
|
||||
// ImageFailureCode_Values returns all elements of the ImageFailureCode enum
|
||||
func ImageFailureCode_Values() []string {
|
||||
return []string{
|
||||
ImageFailureCodeInvalidImageDigest,
|
||||
ImageFailureCodeInvalidImageTag,
|
||||
ImageFailureCodeImageTagDoesNotMatchDigest,
|
||||
ImageFailureCodeImageNotFound,
|
||||
ImageFailureCodeMissingDigestAndTag,
|
||||
ImageFailureCodeImageReferencedByManifestList,
|
||||
ImageFailureCodeKmsError,
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// ImageTagMutabilityMutable is a ImageTagMutability enum value
|
||||
ImageTagMutabilityMutable = "MUTABLE"
|
||||
|
@ -8622,6 +9089,14 @@ const (
|
|||
ImageTagMutabilityImmutable = "IMMUTABLE"
|
||||
)
|
||||
|
||||
// ImageTagMutability_Values returns all elements of the ImageTagMutability enum
|
||||
func ImageTagMutability_Values() []string {
|
||||
return []string{
|
||||
ImageTagMutabilityMutable,
|
||||
ImageTagMutabilityImmutable,
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// LayerAvailabilityAvailable is a LayerAvailability enum value
|
||||
LayerAvailabilityAvailable = "AVAILABLE"
|
||||
|
@ -8630,6 +9105,14 @@ const (
|
|||
LayerAvailabilityUnavailable = "UNAVAILABLE"
|
||||
)
|
||||
|
||||
// LayerAvailability_Values returns all elements of the LayerAvailability enum
|
||||
func LayerAvailability_Values() []string {
|
||||
return []string{
|
||||
LayerAvailabilityAvailable,
|
||||
LayerAvailabilityUnavailable,
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// LayerFailureCodeInvalidLayerDigest is a LayerFailureCode enum value
|
||||
LayerFailureCodeInvalidLayerDigest = "InvalidLayerDigest"
|
||||
|
@ -8638,6 +9121,14 @@ const (
|
|||
LayerFailureCodeMissingLayerDigest = "MissingLayerDigest"
|
||||
)
|
||||
|
||||
// LayerFailureCode_Values returns all elements of the LayerFailureCode enum
|
||||
func LayerFailureCode_Values() []string {
|
||||
return []string{
|
||||
LayerFailureCodeInvalidLayerDigest,
|
||||
LayerFailureCodeMissingLayerDigest,
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// LifecyclePolicyPreviewStatusInProgress is a LifecyclePolicyPreviewStatus enum value
|
||||
LifecyclePolicyPreviewStatusInProgress = "IN_PROGRESS"
|
||||
|
@ -8652,6 +9143,16 @@ const (
|
|||
LifecyclePolicyPreviewStatusFailed = "FAILED"
|
||||
)
|
||||
|
||||
// LifecyclePolicyPreviewStatus_Values returns all elements of the LifecyclePolicyPreviewStatus enum
|
||||
func LifecyclePolicyPreviewStatus_Values() []string {
|
||||
return []string{
|
||||
LifecyclePolicyPreviewStatusInProgress,
|
||||
LifecyclePolicyPreviewStatusComplete,
|
||||
LifecyclePolicyPreviewStatusExpired,
|
||||
LifecyclePolicyPreviewStatusFailed,
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// ScanStatusInProgress is a ScanStatus enum value
|
||||
ScanStatusInProgress = "IN_PROGRESS"
|
||||
|
@ -8663,6 +9164,15 @@ const (
|
|||
ScanStatusFailed = "FAILED"
|
||||
)
|
||||
|
||||
// ScanStatus_Values returns all elements of the ScanStatus enum
|
||||
func ScanStatus_Values() []string {
|
||||
return []string{
|
||||
ScanStatusInProgress,
|
||||
ScanStatusComplete,
|
||||
ScanStatusFailed,
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// TagStatusTagged is a TagStatus enum value
|
||||
TagStatusTagged = "TAGGED"
|
||||
|
@ -8673,3 +9183,12 @@ const (
|
|||
// TagStatusAny is a TagStatus enum value
|
||||
TagStatusAny = "ANY"
|
||||
)
|
||||
|
||||
// TagStatus_Values returns all elements of the TagStatus enum
|
||||
func TagStatus_Values() []string {
|
||||
return []string{
|
||||
TagStatusTagged,
|
||||
TagStatusUntagged,
|
||||
TagStatusAny,
|
||||
}
|
||||
}
|
||||
|
|
|
@ -3,12 +3,13 @@
|
|||
// Package ecr provides the client and types for making API
|
||||
// requests to Amazon EC2 Container Registry.
|
||||
//
|
||||
// Amazon Elastic Container Registry (Amazon ECR) is a managed Docker registry
|
||||
// service. Customers can use the familiar Docker CLI to push, pull, and manage
|
||||
// images. Amazon ECR provides a secure, scalable, and reliable registry. Amazon
|
||||
// ECR supports private Docker repositories with resource-based permissions
|
||||
// Amazon Elastic Container Registry (Amazon ECR) is a managed container image
|
||||
// registry service. Customers can use the familiar Docker CLI, or their preferred
|
||||
// client, to push, pull, and manage images. Amazon ECR provides a secure, scalable,
|
||||
// and reliable registry for your Docker or Open Container Initiative (OCI)
|
||||
// images. Amazon ECR supports private repositories with resource-based permissions
|
||||
// using IAM so that specific users or Amazon EC2 instances can access repositories
|
||||
// and images. Developers can use the Docker CLI to author and manage images.
|
||||
// and images.
|
||||
//
|
||||
// See https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21 for more information on this service.
|
||||
//
|
||||
|
|
|
@ -21,6 +21,13 @@ const (
|
|||
// the manifest or image tag after the last push.
|
||||
ErrCodeImageAlreadyExistsException = "ImageAlreadyExistsException"
|
||||
|
||||
// ErrCodeImageDigestDoesNotMatchException for service response error code
|
||||
// "ImageDigestDoesNotMatchException".
|
||||
//
|
||||
// The specified image digest does not match the digest that Amazon ECR calculated
|
||||
// for the image.
|
||||
ErrCodeImageDigestDoesNotMatchException = "ImageDigestDoesNotMatchException"
|
||||
|
||||
// ErrCodeImageNotFoundException for service response error code
|
||||
// "ImageNotFoundException".
|
||||
//
|
||||
|
@ -63,6 +70,12 @@ const (
|
|||
// characters.
|
||||
ErrCodeInvalidTagParameterException = "InvalidTagParameterException"
|
||||
|
||||
// ErrCodeKmsException for service response error code
|
||||
// "KmsException".
|
||||
//
|
||||
// The operation failed due to a KMS exception.
|
||||
ErrCodeKmsException = "KmsException"
|
||||
|
||||
// ErrCodeLayerAlreadyExistsException for service response error code
|
||||
// "LayerAlreadyExistsException".
|
||||
//
|
||||
|
@ -98,8 +111,8 @@ const (
|
|||
// ErrCodeLifecyclePolicyPreviewInProgressException for service response error code
|
||||
// "LifecyclePolicyPreviewInProgressException".
|
||||
//
|
||||
// The previous lifecycle policy preview request has not completed. Please try
|
||||
// again later.
|
||||
// The previous lifecycle policy preview request has not completed. Wait and
|
||||
// try again.
|
||||
ErrCodeLifecyclePolicyPreviewInProgressException = "LifecyclePolicyPreviewInProgressException"
|
||||
|
||||
// ErrCodeLifecyclePolicyPreviewNotFoundException for service response error code
|
||||
|
@ -112,11 +125,16 @@ const (
|
|||
// "LimitExceededException".
|
||||
//
|
||||
// The operation did not succeed because it would have exceeded a service limit
|
||||
// for your account. For more information, see Amazon ECR Default Service Limits
|
||||
// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html)
|
||||
// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html)
|
||||
// in the Amazon Elastic Container Registry User Guide.
|
||||
ErrCodeLimitExceededException = "LimitExceededException"
|
||||
|
||||
// ErrCodeReferencedImagesNotFoundException for service response error code
|
||||
// "ReferencedImagesNotFoundException".
|
||||
//
|
||||
// The manifest list is referencing an image that does not exist.
|
||||
ErrCodeReferencedImagesNotFoundException = "ReferencedImagesNotFoundException"
|
||||
|
||||
// ErrCodeRepositoryAlreadyExistsException for service response error code
|
||||
// "RepositoryAlreadyExistsException".
|
||||
//
|
||||
|
@ -164,10 +182,16 @@ const (
|
|||
// of tags that can be applied to a repository is 50.
|
||||
ErrCodeTooManyTagsException = "TooManyTagsException"
|
||||
|
||||
// ErrCodeUnsupportedImageTypeException for service response error code
|
||||
// "UnsupportedImageTypeException".
|
||||
//
|
||||
// The image is of a type that cannot be scanned.
|
||||
ErrCodeUnsupportedImageTypeException = "UnsupportedImageTypeException"
|
||||
|
||||
// ErrCodeUploadNotFoundException for service response error code
|
||||
// "UploadNotFoundException".
|
||||
//
|
||||
// The upload could not be found, or the specified upload id is not valid for
|
||||
// The upload could not be found, or the specified upload ID is not valid for
|
||||
// this repository.
|
||||
ErrCodeUploadNotFoundException = "UploadNotFoundException"
|
||||
)
|
||||
|
@ -175,12 +199,14 @@ const (
|
|||
var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
|
||||
"EmptyUploadException": newErrorEmptyUploadException,
|
||||
"ImageAlreadyExistsException": newErrorImageAlreadyExistsException,
|
||||
"ImageDigestDoesNotMatchException": newErrorImageDigestDoesNotMatchException,
|
||||
"ImageNotFoundException": newErrorImageNotFoundException,
|
||||
"ImageTagAlreadyExistsException": newErrorImageTagAlreadyExistsException,
|
||||
"InvalidLayerException": newErrorInvalidLayerException,
|
||||
"InvalidLayerPartException": newErrorInvalidLayerPartException,
|
||||
"InvalidParameterException": newErrorInvalidParameterException,
|
||||
"InvalidTagParameterException": newErrorInvalidTagParameterException,
|
||||
"KmsException": newErrorKmsException,
|
||||
"LayerAlreadyExistsException": newErrorLayerAlreadyExistsException,
|
||||
"LayerInaccessibleException": newErrorLayerInaccessibleException,
|
||||
"LayerPartTooSmallException": newErrorLayerPartTooSmallException,
|
||||
|
@ -189,6 +215,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
|
|||
"LifecyclePolicyPreviewInProgressException": newErrorLifecyclePolicyPreviewInProgressException,
|
||||
"LifecyclePolicyPreviewNotFoundException": newErrorLifecyclePolicyPreviewNotFoundException,
|
||||
"LimitExceededException": newErrorLimitExceededException,
|
||||
"ReferencedImagesNotFoundException": newErrorReferencedImagesNotFoundException,
|
||||
"RepositoryAlreadyExistsException": newErrorRepositoryAlreadyExistsException,
|
||||
"RepositoryNotEmptyException": newErrorRepositoryNotEmptyException,
|
||||
"RepositoryNotFoundException": newErrorRepositoryNotFoundException,
|
||||
|
@ -196,5 +223,6 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
|
|||
"ScanNotFoundException": newErrorScanNotFoundException,
|
||||
"ServerException": newErrorServerException,
|
||||
"TooManyTagsException": newErrorTooManyTagsException,
|
||||
"UnsupportedImageTypeException": newErrorUnsupportedImageTypeException,
|
||||
"UploadNotFoundException": newErrorUploadNotFoundException,
|
||||
}
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -3,59 +3,12 @@
|
|||
// Package iam provides the client and types for making API
|
||||
// requests to AWS Identity and Access Management.
|
||||
//
|
||||
// AWS Identity and Access Management (IAM) is a web service that you can use
|
||||
// to manage users and user permissions under your AWS account. This guide provides
|
||||
// descriptions of IAM actions that you can call programmatically. For general
|
||||
// information about IAM, see AWS Identity and Access Management (IAM) (http://aws.amazon.com/iam/).
|
||||
// For the user guide for IAM, see Using IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/).
|
||||
//
|
||||
// AWS provides SDKs that consist of libraries and sample code for various programming
|
||||
// languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs
|
||||
// provide a convenient way to create programmatic access to IAM and AWS. For
|
||||
// example, the SDKs take care of tasks such as cryptographically signing requests
|
||||
// (see below), managing errors, and retrying requests automatically. For information
|
||||
// about the AWS SDKs, including how to download and install them, see the Tools
|
||||
// for Amazon Web Services (http://aws.amazon.com/tools/) page.
|
||||
//
|
||||
// We recommend that you use the AWS SDKs to make programmatic API calls to
|
||||
// IAM. However, you can also use the IAM Query API to make direct calls to
|
||||
// the IAM web service. To learn more about the IAM Query API, see Making Query
|
||||
// Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
|
||||
// in the Using IAM guide. IAM supports GET and POST requests for all actions.
|
||||
// That is, the API does not require you to use GET for some actions and POST
|
||||
// for others. However, GET requests are subject to the limitation size of a
|
||||
// URL. Therefore, for operations that require larger sizes, use a POST request.
|
||||
//
|
||||
// Signing Requests
|
||||
//
|
||||
// Requests must be signed using an access key ID and a secret access key. We
|
||||
// strongly recommend that you do not use your AWS account access key ID and
|
||||
// secret access key for everyday work with IAM. You can use the access key
|
||||
// ID and secret access key for an IAM user or you can use the AWS Security
|
||||
// Token Service to generate temporary security credentials and use those to
|
||||
// sign requests.
|
||||
//
|
||||
// To sign requests, we recommend that you use Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
|
||||
// If you have an existing application that uses Signature Version 2, you do
|
||||
// not have to update it to use Signature Version 4. However, some operations
|
||||
// now require Signature Version 4. The documentation for operations that require
|
||||
// version 4 indicate this requirement.
|
||||
//
|
||||
// Additional Resources
|
||||
//
|
||||
// For more information, see the following:
|
||||
//
|
||||
// * AWS Security Credentials (https://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html).
|
||||
// This topic provides general information about the types of credentials
|
||||
// used for accessing AWS.
|
||||
//
|
||||
// * IAM Best Practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html).
|
||||
// This topic presents a list of suggestions for using the IAM service to
|
||||
// help secure your AWS resources.
|
||||
//
|
||||
// * Signing AWS API Requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html).
|
||||
// This set of topics walk you through the process of signing a request using
|
||||
// an access key ID and secret access key.
|
||||
// AWS Identity and Access Management (IAM) is a web service for securely controlling
|
||||
// access to AWS services. With IAM, you can centrally manage users, security
|
||||
// credentials such as access keys, and permissions that control which AWS resources
|
||||
// users and applications can access. For more information about IAM, see AWS
|
||||
// Identity and Access Management (IAM) (http://aws.amazon.com/iam/) and the
|
||||
// AWS Identity and Access Management User Guide (https://docs.aws.amazon.com/IAM/latest/UserGuide/).
|
||||
//
|
||||
// See https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08 for more information on this service.
|
||||
//
|
||||
|
|
|
@ -117,7 +117,8 @@ const (
|
|||
// "LimitExceeded".
|
||||
//
|
||||
// The request was rejected because it attempted to create resources beyond
|
||||
// the current AWS account limits. The error message describes the limit exceeded.
|
||||
// the current AWS account limitations. The error message describes the limit
|
||||
// exceeded.
|
||||
ErrCodeLimitExceededException = "LimitExceeded"
|
||||
|
||||
// ErrCodeMalformedCertificateException for service response error code
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -13,7 +13,6 @@ import (
|
|||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/internal/sdkio"
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -25,30 +24,6 @@ const (
|
|||
appendMD5TxEncoding = "append-md5"
|
||||
)
|
||||
|
||||
// contentMD5 computes and sets the HTTP Content-MD5 header for requests that
|
||||
// require it.
|
||||
func contentMD5(r *request.Request) {
|
||||
h := md5.New()
|
||||
|
||||
if !aws.IsReaderSeekable(r.Body) {
|
||||
if r.Config.Logger != nil {
|
||||
r.Config.Logger.Log(fmt.Sprintf(
|
||||
"Unable to compute Content-MD5 for unseekable body, S3.%s",
|
||||
r.Operation.Name))
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
if _, err := copySeekableBody(h, r.Body); err != nil {
|
||||
r.Error = awserr.New("ContentMD5", "failed to compute body MD5", err)
|
||||
return
|
||||
}
|
||||
|
||||
// encode the md5 checksum in base64 and set the request header.
|
||||
v := base64.StdEncoding.EncodeToString(h.Sum(nil))
|
||||
r.HTTPRequest.Header.Set(contentMD5Header, v)
|
||||
}
|
||||
|
||||
// computeBodyHashes will add Content MD5 and Content Sha256 hashes to the
|
||||
// request. If the body is not seekable or S3DisableContentMD5Validation set
|
||||
// this handler will be ignored.
|
||||
|
@ -90,7 +65,7 @@ func computeBodyHashes(r *request.Request) {
|
|||
dst = io.MultiWriter(hashers...)
|
||||
}
|
||||
|
||||
if _, err := copySeekableBody(dst, r.Body); err != nil {
|
||||
if _, err := aws.CopySeekableBody(dst, r.Body); err != nil {
|
||||
r.Error = awserr.New("BodyHashError", "failed to compute body hashes", err)
|
||||
return
|
||||
}
|
||||
|
@ -119,28 +94,6 @@ const (
|
|||
sha256HexEncLen = sha256.Size * 2 // hex.EncodedLen
|
||||
)
|
||||
|
||||
func copySeekableBody(dst io.Writer, src io.ReadSeeker) (int64, error) {
|
||||
curPos, err := src.Seek(0, sdkio.SeekCurrent)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
|
||||
// hash the body. seek back to the first position after reading to reset
|
||||
// the body for transmission. copy errors may be assumed to be from the
|
||||
// body.
|
||||
n, err := io.Copy(dst, src)
|
||||
if err != nil {
|
||||
return n, err
|
||||
}
|
||||
|
||||
_, err = src.Seek(curPos, sdkio.SeekStart)
|
||||
if err != nil {
|
||||
return n, err
|
||||
}
|
||||
|
||||
return n, nil
|
||||
}
|
||||
|
||||
// Adds the x-amz-te: append_md5 header to the request. This requests the service
|
||||
// responds with a trailing MD5 checksum.
|
||||
//
|
||||
|
|
|
@ -33,12 +33,6 @@ func defaultInitRequestFn(r *request.Request) {
|
|||
platformRequestHandlers(r)
|
||||
|
||||
switch r.Operation.Name {
|
||||
case opPutBucketCors, opPutBucketLifecycle, opPutBucketPolicy,
|
||||
opPutBucketTagging, opDeleteObjects, opPutBucketLifecycleConfiguration,
|
||||
opPutObjectLegalHold, opPutObjectRetention, opPutObjectLockConfiguration,
|
||||
opPutBucketReplication:
|
||||
// These S3 operations require Content-MD5 to be set
|
||||
r.Handlers.Build.PushBack(contentMD5)
|
||||
case opGetBucketLocation:
|
||||
// GetBucketLocation has custom parsing logic
|
||||
r.Handlers.Unmarshal.PushFront(buildGetBucketLocation)
|
||||
|
|
|
@ -104,19 +104,6 @@
|
|||
// content from S3. The Encryption and Decryption clients can be used concurrently
|
||||
// once the client is created.
|
||||
//
|
||||
// sess := session.Must(session.NewSession())
|
||||
//
|
||||
// // Create the decryption client.
|
||||
// svc := s3crypto.NewDecryptionClient(sess)
|
||||
//
|
||||
// // The object will be downloaded from S3 and decrypted locally. By metadata
|
||||
// // about the object's encryption will instruct the decryption client how
|
||||
// // decrypt the content of the object. By default KMS is used for keys.
|
||||
// result, err := svc.GetObject(&s3.GetObjectInput {
|
||||
// Bucket: aws.String(myBucket),
|
||||
// Key: aws.String(myKey),
|
||||
// })
|
||||
//
|
||||
// See the s3crypto package documentation for more information.
|
||||
// https://docs.aws.amazon.com/sdk-for-go/api/service/s3/s3crypto/
|
||||
//
|
||||
|
|
|
@ -3,6 +3,7 @@ package s3manager
|
|||
import (
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/client"
|
||||
"github.com/aws/aws-sdk-go/aws/corehandlers"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/service/s3"
|
||||
|
@ -35,6 +36,30 @@ import (
|
|||
// }
|
||||
// fmt.Printf("Bucket %s is in %s region\n", bucket, region)
|
||||
//
|
||||
// By default the request will be made to the Amazon S3 endpoint using the Path
|
||||
// style addressing.
|
||||
//
|
||||
// s3.us-west-2.amazonaws.com/bucketname
|
||||
//
|
||||
// This is not compatible with Amazon S3's FIPS endpoints. To override this
|
||||
// behavior to use Virtual Host style addressing, provide a functional option
|
||||
// that will set the Request's Config.S3ForcePathStyle to aws.Bool(false).
|
||||
//
|
||||
// region, err := s3manager.GetBucketRegion(ctx, sess, "bucketname", "us-west-2", func(r *request.Request) {
|
||||
// r.S3ForcePathStyle = aws.Bool(false)
|
||||
// })
|
||||
//
|
||||
// To configure the GetBucketRegion to make a request via the Amazon
|
||||
// S3 FIPS endpoints directly when a FIPS region name is not available, (e.g.
|
||||
// fips-us-gov-west-1) set the Config.Endpoint on the Session, or client the
|
||||
// utility is called with. The hint region will be ignored if an endpoint URL
|
||||
// is configured on the session or client.
|
||||
//
|
||||
// sess, err := session.NewSession(&aws.Config{
|
||||
// Endpoint: aws.String("https://s3-fips.us-west-2.amazonaws.com"),
|
||||
// })
|
||||
//
|
||||
// region, err := s3manager.GetBucketRegion(context.Background(), sess, "bucketname", "")
|
||||
func GetBucketRegion(ctx aws.Context, c client.ConfigProvider, bucket, regionHint string, opts ...request.Option) (string, error) {
|
||||
var cfg aws.Config
|
||||
if len(regionHint) != 0 {
|
||||
|
@ -50,12 +75,38 @@ const bucketRegionHeader = "X-Amz-Bucket-Region"
|
|||
// that it takes a S3 service client instead of a Session. The regionHint is
|
||||
// derived from the region the S3 service client was created in.
|
||||
//
|
||||
// By default the request will be made to the Amazon S3 endpoint using the Path
|
||||
// style addressing.
|
||||
//
|
||||
// s3.us-west-2.amazonaws.com/bucketname
|
||||
//
|
||||
// This is not compatible with Amazon S3's FIPS endpoints. To override this
|
||||
// behavior to use Virtual Host style addressing, provide a functional option
|
||||
// that will set the Request's Config.S3ForcePathStyle to aws.Bool(false).
|
||||
//
|
||||
// region, err := s3manager.GetBucketRegionWithClient(ctx, client, "bucketname", func(r *request.Request) {
|
||||
// r.S3ForcePathStyle = aws.Bool(false)
|
||||
// })
|
||||
//
|
||||
// To configure the GetBucketRegion to make a request via the Amazon
|
||||
// S3 FIPS endpoints directly when a FIPS region name is not available, (e.g.
|
||||
// fips-us-gov-west-1) set the Config.Endpoint on the Session, or client the
|
||||
// utility is called with. The hint region will be ignored if an endpoint URL
|
||||
// is configured on the session or client.
|
||||
//
|
||||
// region, err := s3manager.GetBucketRegionWithClient(context.Background(),
|
||||
// s3.New(sess, &aws.Config{
|
||||
// Endpoint: aws.String("https://s3-fips.us-west-2.amazonaws.com"),
|
||||
// }),
|
||||
// "bucketname")
|
||||
//
|
||||
// See GetBucketRegion for more information.
|
||||
func GetBucketRegionWithClient(ctx aws.Context, svc s3iface.S3API, bucket string, opts ...request.Option) (string, error) {
|
||||
req, _ := svc.HeadBucketRequest(&s3.HeadBucketInput{
|
||||
Bucket: aws.String(bucket),
|
||||
})
|
||||
req.Config.S3ForcePathStyle = aws.Bool(true)
|
||||
|
||||
req.Config.Credentials = credentials.AnonymousCredentials
|
||||
req.SetContext(ctx)
|
||||
|
||||
|
@ -75,6 +126,16 @@ func GetBucketRegionWithClient(ctx aws.Context, svc s3iface.S3API, bucket string
|
|||
r.HTTPResponse.Status = "OK"
|
||||
r.Error = nil
|
||||
})
|
||||
// Replace the endpoint validation handler to not require a region if an
|
||||
// endpoint URL was specified. Since these requests are not authenticated,
|
||||
// requiring a region is not needed when an endpoint URL is provided.
|
||||
req.Handlers.Validate.Swap(
|
||||
corehandlers.ValidateEndpointHandler.Name,
|
||||
request.NamedHandler{
|
||||
Name: "validateEndpointWithoutRegion",
|
||||
Fn: validateEndpointWithoutRegion,
|
||||
},
|
||||
)
|
||||
|
||||
req.ApplyOptions(opts...)
|
||||
|
||||
|
@ -86,3 +147,13 @@ func GetBucketRegionWithClient(ctx aws.Context, svc s3iface.S3API, bucket string
|
|||
|
||||
return bucketRegion, nil
|
||||
}
|
||||
|
||||
func validateEndpointWithoutRegion(r *request.Request) {
|
||||
// Check if the caller provided an explicit URL instead of one derived by
|
||||
// the SDK's endpoint resolver. For GetBucketRegion, with an explicit
|
||||
// endpoint URL, a region is not needed. If no endpoint URL is provided,
|
||||
// fallback the SDK's standard endpoint validation handler.
|
||||
if len(aws.StringValue(r.Config.Endpoint)) == 0 {
|
||||
corehandlers.ValidateEndpointHandler.Fn(r)
|
||||
}
|
||||
}
|
||||
|
|
|
@ -63,6 +63,11 @@ type UploadInput struct {
|
|||
// see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17).
|
||||
ContentType *string `location:"header" locationName:"Content-Type" type:"string"`
|
||||
|
||||
// The account id of the expected bucket owner. If the bucket is owned by a
|
||||
// different account, the request will fail with an HTTP 403 (Access Denied)
|
||||
// error.
|
||||
ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"`
|
||||
|
||||
// The date and time at which the object is no longer cacheable. For more information,
|
||||
// see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21).
|
||||
Expires *time.Time `location:"header" locationName:"Expires" type:"timestamp"`
|
||||
|
@ -111,7 +116,7 @@ type UploadInput struct {
|
|||
// Specifies the customer-provided encryption key for Amazon S3 to use in encrypting
|
||||
// data. This value is used to store the object and then it is discarded; Amazon
|
||||
// S3 does not store the encryption key. The key must be appropriate for use
|
||||
// with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
|
||||
// with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
|
||||
// header.
|
||||
SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"`
|
||||
|
||||
|
@ -141,8 +146,8 @@ type UploadInput struct {
|
|||
// S3 (for example, AES256, aws:kms).
|
||||
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
|
||||
|
||||
// If you don't specify, Standard is the default storage class. Amazon S3 supports
|
||||
// other storage classes.
|
||||
// If you don't specify, S3 Standard is the default storage class. Amazon S3
|
||||
// supports other storage classes.
|
||||
StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"`
|
||||
|
||||
// The tag-set for the object. The tag-set must be encoded as URL Query parameters.
|
||||
|
|
|
@ -69,7 +69,7 @@ func computeKeyMD5(keyHeader, keyMD5Header, key string, r *http.Request) {
|
|||
return
|
||||
}
|
||||
|
||||
// In backwards compatiable, the header's value is not base64 encoded,
|
||||
// In backwards compatible, the header's value is not base64 encoded,
|
||||
// and needs to be encoded and updated by the SDK's customizations.
|
||||
b64Key := base64.StdEncoding.EncodeToString([]byte(key))
|
||||
r.Header.Set(keyHeader, b64Key)
|
||||
|
|
|
@ -2,6 +2,7 @@ package s3
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
|
||||
|
@ -24,17 +25,18 @@ func copyMultipartStatusOKUnmarhsalError(r *request.Request) {
|
|||
r.HTTPResponse.Body = ioutil.NopCloser(body)
|
||||
defer body.Seek(0, sdkio.SeekStart)
|
||||
|
||||
if body.Len() == 0 {
|
||||
// If there is no body don't attempt to parse the body.
|
||||
return
|
||||
}
|
||||
|
||||
unmarshalError(r)
|
||||
if err, ok := r.Error.(awserr.Error); ok && err != nil {
|
||||
if err.Code() == request.ErrCodeSerialization {
|
||||
if err.Code() == request.ErrCodeSerialization &&
|
||||
err.OrigErr() != io.EOF {
|
||||
r.Error = nil
|
||||
return
|
||||
}
|
||||
r.HTTPResponse.StatusCode = http.StatusServiceUnavailable
|
||||
// if empty payload
|
||||
if err.OrigErr() == io.EOF {
|
||||
r.HTTPResponse.StatusCode = http.StatusInternalServerError
|
||||
} else {
|
||||
r.HTTPResponse.StatusCode = http.StatusServiceUnavailable
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package s3
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/xml"
|
||||
"fmt"
|
||||
"io"
|
||||
|
@ -45,17 +46,24 @@ func unmarshalError(r *request.Request) {
|
|||
|
||||
// Attempt to parse error from body if it is known
|
||||
var errResp xmlErrorResponse
|
||||
err := xmlutil.UnmarshalXMLError(&errResp, r.HTTPResponse.Body)
|
||||
if err == io.EOF {
|
||||
// Only capture the error if an unmarshal error occurs that is not EOF,
|
||||
// because S3 might send an error without a error message which causes
|
||||
// the XML unmarshal to fail with EOF.
|
||||
err = nil
|
||||
var err error
|
||||
if r.HTTPResponse.StatusCode >= 200 && r.HTTPResponse.StatusCode < 300 {
|
||||
err = s3unmarshalXMLError(&errResp, r.HTTPResponse.Body)
|
||||
} else {
|
||||
err = xmlutil.UnmarshalXMLError(&errResp, r.HTTPResponse.Body)
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
var errorMsg string
|
||||
if err == io.EOF {
|
||||
errorMsg = "empty response payload"
|
||||
} else {
|
||||
errorMsg = "failed to unmarshal error message"
|
||||
}
|
||||
|
||||
r.Error = awserr.NewRequestFailure(
|
||||
awserr.New(request.ErrCodeSerialization,
|
||||
"failed to unmarshal error message", err),
|
||||
errorMsg, err),
|
||||
r.HTTPResponse.StatusCode,
|
||||
r.RequestID,
|
||||
)
|
||||
|
@ -86,3 +94,21 @@ type RequestFailure interface {
|
|||
// Host ID is the S3 Host ID needed for debug, and contacting support
|
||||
HostID() string
|
||||
}
|
||||
|
||||
// s3unmarshalXMLError is s3 specific xml error unmarshaler
|
||||
// for 200 OK errors and response payloads.
|
||||
// This function differs from the xmlUtil.UnmarshalXMLError
|
||||
// func. It does not ignore the EOF error and passes it up.
|
||||
// Related to bug fix for `s3 200 OK response with empty payload`
|
||||
func s3unmarshalXMLError(v interface{}, stream io.Reader) error {
|
||||
var errBuf bytes.Buffer
|
||||
body := io.TeeReader(stream, &errBuf)
|
||||
|
||||
err := xml.NewDecoder(body).Decode(v)
|
||||
if err != nil && err != io.EOF {
|
||||
return awserr.NewUnmarshalError(err,
|
||||
"failed to unmarshal error message", errBuf.Bytes())
|
||||
}
|
||||
|
||||
return err
|
||||
}
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -3,7 +3,7 @@
|
|||
// Package secretsmanager provides the client and types for making API
|
||||
// requests to AWS Secrets Manager.
|
||||
//
|
||||
// AWS Secrets Manager is a web service that enables you to store, manage, and
|
||||
// AWS Secrets Manager provides a service to enable you to store, manage, and
|
||||
// retrieve, secrets.
|
||||
//
|
||||
// This guide provides descriptions of the Secrets Manager API. For more information
|
||||
|
@ -14,25 +14,25 @@
|
|||
// This version of the Secrets Manager API Reference documents the Secrets Manager
|
||||
// API version 2017-10-17.
|
||||
//
|
||||
// As an alternative to using the API directly, you can use one of the AWS SDKs,
|
||||
// which consist of libraries and sample code for various programming languages
|
||||
// and platforms (such as Java, Ruby, .NET, iOS, and Android). The SDKs provide
|
||||
// a convenient way to create programmatic access to AWS Secrets Manager. For
|
||||
// example, the SDKs take care of cryptographically signing requests, managing
|
||||
// errors, and retrying requests automatically. For more information about the
|
||||
// AWS SDKs, including how to download and install them, see Tools for Amazon
|
||||
// Web Services (http://aws.amazon.com/tools/).
|
||||
// As an alternative to using the API, you can use one of the AWS SDKs, which
|
||||
// consist of libraries and sample code for various programming languages and
|
||||
// platforms such as Java, Ruby, .NET, iOS, and Android. The SDKs provide a
|
||||
// convenient way to create programmatic access to AWS Secrets Manager. For
|
||||
// example, the SDKs provide cryptographically signing requests, managing errors,
|
||||
// and retrying requests automatically. For more information about the AWS SDKs,
|
||||
// including downloading and installing them, see Tools for Amazon Web Services
|
||||
// (http://aws.amazon.com/tools/).
|
||||
//
|
||||
// We recommend that you use the AWS SDKs to make programmatic API calls to
|
||||
// Secrets Manager. However, you also can use the Secrets Manager HTTP Query
|
||||
// API to make direct calls to the Secrets Manager web service. To learn more
|
||||
// about the Secrets Manager HTTP Query API, see Making Query Requests (https://docs.aws.amazon.com/secretsmanager/latest/userguide/query-requests.html)
|
||||
// We recommend you use the AWS SDKs to make programmatic API calls to Secrets
|
||||
// Manager. However, you also can use the Secrets Manager HTTP Query API to
|
||||
// make direct calls to the Secrets Manager web service. To learn more about
|
||||
// the Secrets Manager HTTP Query API, see Making Query Requests (https://docs.aws.amazon.com/secretsmanager/latest/userguide/query-requests.html)
|
||||
// in the AWS Secrets Manager User Guide.
|
||||
//
|
||||
// Secrets Manager supports GET and POST requests for all actions. That is,
|
||||
// the API doesn't require you to use GET for some actions and POST for others.
|
||||
// However, GET requests are subject to the limitation size of a URL. Therefore,
|
||||
// for operations that require larger sizes, use a POST request.
|
||||
// Secrets Manager API supports GET and POST requests for all actions, and doesn't
|
||||
// require you to use GET for some actions and POST for others. However, GET
|
||||
// requests are subject to the limitation size of a URL. Therefore, for operations
|
||||
// that require larger sizes, use a POST request.
|
||||
//
|
||||
// Support and Feedback for AWS Secrets Manager
|
||||
//
|
||||
|
@ -44,25 +44,24 @@
|
|||
// How examples are presented
|
||||
//
|
||||
// The JSON that AWS Secrets Manager expects as your request parameters and
|
||||
// that the service returns as a response to HTTP query requests are single,
|
||||
// the service returns as a response to HTTP query requests contain single,
|
||||
// long strings without line breaks or white space formatting. The JSON shown
|
||||
// in the examples is formatted with both line breaks and white space to improve
|
||||
// readability. When example input parameters would also result in long strings
|
||||
// that extend beyond the screen, we insert line breaks to enhance readability.
|
||||
// You should always submit the input as a single JSON text string.
|
||||
// in the examples displays the code formatted with both line breaks and white
|
||||
// space to improve readability. When example input parameters can also cause
|
||||
// long strings extending beyond the screen, you can insert line breaks to enhance
|
||||
// readability. You should always submit the input as a single JSON text string.
|
||||
//
|
||||
// Logging API Requests
|
||||
//
|
||||
// AWS Secrets Manager supports AWS CloudTrail, a service that records AWS API
|
||||
// calls for your AWS account and delivers log files to an Amazon S3 bucket.
|
||||
// By using information that's collected by AWS CloudTrail, you can determine
|
||||
// which requests were successfully made to Secrets Manager, who made the request,
|
||||
// when it was made, and so on. For more about AWS Secrets Manager and its support
|
||||
// the requests successfully made to Secrets Manager, who made the request,
|
||||
// when it was made, and so on. For more about AWS Secrets Manager and support
|
||||
// for AWS CloudTrail, see Logging AWS Secrets Manager Events with AWS CloudTrail
|
||||
// (http://docs.aws.amazon.com/secretsmanager/latest/userguide/monitoring.html#monitoring_cloudtrail)
|
||||
// in the AWS Secrets Manager User Guide. To learn more about CloudTrail, including
|
||||
// how to turn it on and find your log files, see the AWS CloudTrail User Guide
|
||||
// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html).
|
||||
// enabling it and find your log files, see the AWS CloudTrail User Guide (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html).
|
||||
//
|
||||
// See https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17 for more information on this service.
|
||||
//
|
||||
|
|
|
@ -77,6 +77,12 @@ const (
|
|||
// The request failed because you did not complete all the prerequisite steps.
|
||||
ErrCodePreconditionNotMetException = "PreconditionNotMetException"
|
||||
|
||||
// ErrCodePublicPolicyException for service response error code
|
||||
// "PublicPolicyException".
|
||||
//
|
||||
// The resource policy did not prevent broad access to the secret.
|
||||
ErrCodePublicPolicyException = "PublicPolicyException"
|
||||
|
||||
// ErrCodeResourceExistsException for service response error code
|
||||
// "ResourceExistsException".
|
||||
//
|
||||
|
@ -100,6 +106,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
|
|||
"LimitExceededException": newErrorLimitExceededException,
|
||||
"MalformedPolicyDocumentException": newErrorMalformedPolicyDocumentException,
|
||||
"PreconditionNotMetException": newErrorPreconditionNotMetException,
|
||||
"PublicPolicyException": newErrorPublicPolicyException,
|
||||
"ResourceExistsException": newErrorResourceExistsException,
|
||||
"ResourceNotFoundException": newErrorResourceNotFoundException,
|
||||
}
|
||||
|
|
|
@ -137,6 +137,10 @@ type SecretsManagerAPI interface {
|
|||
UpdateSecretVersionStage(*secretsmanager.UpdateSecretVersionStageInput) (*secretsmanager.UpdateSecretVersionStageOutput, error)
|
||||
UpdateSecretVersionStageWithContext(aws.Context, *secretsmanager.UpdateSecretVersionStageInput, ...request.Option) (*secretsmanager.UpdateSecretVersionStageOutput, error)
|
||||
UpdateSecretVersionStageRequest(*secretsmanager.UpdateSecretVersionStageInput) (*request.Request, *secretsmanager.UpdateSecretVersionStageOutput)
|
||||
|
||||
ValidateResourcePolicy(*secretsmanager.ValidateResourcePolicyInput) (*secretsmanager.ValidateResourcePolicyOutput, error)
|
||||
ValidateResourcePolicyWithContext(aws.Context, *secretsmanager.ValidateResourcePolicyInput, ...request.Option) (*secretsmanager.ValidateResourcePolicyOutput, error)
|
||||
ValidateResourcePolicyRequest(*secretsmanager.ValidateResourcePolicyInput) (*request.Request, *secretsmanager.ValidateResourcePolicyOutput)
|
||||
}
|
||||
|
||||
var _ SecretsManagerAPI = (*secretsmanager.SecretsManager)(nil)
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -8,19 +8,20 @@
|
|||
// system (OS) patches, automating the creation of Amazon Machine Images (AMIs),
|
||||
// and configuring operating systems (OSs) and applications at scale. Systems
|
||||
// Manager lets you remotely and securely manage the configuration of your managed
|
||||
// instances. A managed instance is any Amazon EC2 instance or on-premises machine
|
||||
// in your hybrid environment that has been configured for Systems Manager.
|
||||
// instances. A managed instance is any Amazon Elastic Compute Cloud instance
|
||||
// (EC2 instance), or any on-premises server or virtual machine (VM) in your
|
||||
// hybrid environment that has been configured for Systems Manager.
|
||||
//
|
||||
// This reference is intended to be used with the AWS Systems Manager User Guide
|
||||
// (http://docs.aws.amazon.com/systems-manager/latest/userguide/).
|
||||
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/).
|
||||
//
|
||||
// To get started, verify prerequisites and configure managed instances. For
|
||||
// more information, see Setting Up AWS Systems Manager (http://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up.html)
|
||||
// more information, see Setting up AWS Systems Manager (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up.html)
|
||||
// in the AWS Systems Manager User Guide.
|
||||
//
|
||||
// For information about other API actions you can perform on Amazon EC2 instances,
|
||||
// see the Amazon EC2 API Reference (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/).
|
||||
// For information about how to use a Query API, see Making API Requests (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/making-api-requests.html).
|
||||
// For information about other API actions you can perform on EC2 instances,
|
||||
// see the Amazon EC2 API Reference (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/).
|
||||
// For information about how to use a Query API, see Making API requests (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/making-api-requests.html).
|
||||
//
|
||||
// See https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06 for more information on this service.
|
||||
//
|
||||
|
|
|
@ -134,7 +134,7 @@ const (
|
|||
// window or Patch baseline, doesn't exist.
|
||||
//
|
||||
// For information about resource quotas in Systems Manager, see Systems Manager
|
||||
// Service Quotas (http://docs.aws.amazon.com/general/latest/gr/ssm.html#limits_ssm)
|
||||
// service quotas (http://docs.aws.amazon.com/general/latest/gr/ssm.html#limits_ssm)
|
||||
// in the AWS General Reference.
|
||||
ErrCodeDoesNotExistException = "DoesNotExistException"
|
||||
|
||||
|
@ -169,7 +169,7 @@ const (
|
|||
// "HierarchyLevelLimitExceededException".
|
||||
//
|
||||
// A hierarchy can have a maximum of 15 levels. For more information, see Requirements
|
||||
// and Constraints for Parameter Names (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html)
|
||||
// and constraints for parameter names (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html)
|
||||
// in the AWS Systems Manager User Guide.
|
||||
ErrCodeHierarchyLevelLimitExceededException = "HierarchyLevelLimitExceededException"
|
||||
|
||||
|
@ -489,7 +489,7 @@ const (
|
|||
// The role name can't contain invalid characters. Also verify that you specified
|
||||
// an IAM role for notifications that includes the required trust policy. For
|
||||
// information about configuring the IAM role for Run Command notifications,
|
||||
// see Configuring Amazon SNS Notifications for Run Command (http://docs.aws.amazon.com/systems-manager/latest/userguide/rc-sns-notifications.html)
|
||||
// see Configuring Amazon SNS Notifications for Run Command (https://docs.aws.amazon.com/systems-manager/latest/userguide/rc-sns-notifications.html)
|
||||
// in the AWS Systems Manager User Guide.
|
||||
ErrCodeInvalidRole = "InvalidRole"
|
||||
|
||||
|
@ -503,7 +503,7 @@ const (
|
|||
// "InvalidTarget".
|
||||
//
|
||||
// The target is not valid or does not exist. It might not be configured for
|
||||
// EC2 Systems Manager or you might not have permission to perform the operation.
|
||||
// Systems Manager or you might not have permission to perform the operation.
|
||||
ErrCodeInvalidTarget = "InvalidTarget"
|
||||
|
||||
// ErrCodeInvalidTypeNameException for service response error code
|
||||
|
@ -560,7 +560,7 @@ const (
|
|||
// "OpsItemLimitExceededException".
|
||||
//
|
||||
// The request caused OpsItems to exceed one or more quotas. For information
|
||||
// about OpsItem quotas, see What are the resource limits for OpsCenter? (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-learn-more.html#OpsCenter-learn-more-limits).
|
||||
// about OpsItem quotas, see What are the resource limits for OpsCenter? (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-learn-more.html#OpsCenter-learn-more-limits).
|
||||
ErrCodeOpsItemLimitExceededException = "OpsItemLimitExceededException"
|
||||
|
||||
// ErrCodeOpsItemNotFoundException for service response error code
|
||||
|
@ -665,7 +665,7 @@ const (
|
|||
// For example, too many maintenance windows or patch baselines have been created.
|
||||
//
|
||||
// For information about resource quotas in Systems Manager, see Systems Manager
|
||||
// Service Quotas (http://docs.aws.amazon.com/general/latest/gr/ssm.html#limits_ssm)
|
||||
// service quotas (http://docs.aws.amazon.com/general/latest/gr/ssm.html#limits_ssm)
|
||||
// in the AWS General Reference.
|
||||
ErrCodeResourceLimitExceededException = "ResourceLimitExceededException"
|
||||
|
||||
|
@ -699,8 +699,8 @@ const (
|
|||
// "TargetNotConnected".
|
||||
//
|
||||
// The specified target instance for the session is not fully configured for
|
||||
// use with Session Manager. For more information, see Getting Started with
|
||||
// Session Manager (http://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started.html)
|
||||
// use with Session Manager. For more information, see Getting started with
|
||||
// Session Manager (https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started.html)
|
||||
// in the AWS Systems Manager User Guide.
|
||||
ErrCodeTargetNotConnected = "TargetNotConnected"
|
||||
|
||||
|
@ -734,10 +734,10 @@ const (
|
|||
// ErrCodeUnsupportedFeatureRequiredException for service response error code
|
||||
// "UnsupportedFeatureRequiredException".
|
||||
//
|
||||
// Microsoft application patching is only available on EC2 instances and Advanced
|
||||
// Instances. To patch Microsoft applications on on-premises servers and VMs,
|
||||
// you must enable Advanced Instances. For more information, see Using the Advanced-Instances
|
||||
// Tier (http://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-managedinstances-advanced.html)
|
||||
// Microsoft application patching is only available on EC2 instances and advanced
|
||||
// instances. To patch Microsoft applications on on-premises servers and VMs,
|
||||
// you must enable advanced instances. For more information, see Using the advanced-instances
|
||||
// tier (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-managedinstances-advanced.html)
|
||||
// in the AWS Systems Manager User Guide.
|
||||
ErrCodeUnsupportedFeatureRequiredException = "UnsupportedFeatureRequiredException"
|
||||
|
||||
|
@ -761,8 +761,7 @@ const (
|
|||
// "UnsupportedOperatingSystem".
|
||||
//
|
||||
// The operating systems you specified is not supported, or the operation is
|
||||
// not supported for the operating system. Valid operating systems include:
|
||||
// Windows, AmazonLinux, RedhatEnterpriseLinux, and Ubuntu.
|
||||
// not supported for the operating system.
|
||||
ErrCodeUnsupportedOperatingSystem = "UnsupportedOperatingSystem"
|
||||
|
||||
// ErrCodeUnsupportedParameterType for service response error code
|
||||
|
|
|
@ -171,22 +171,37 @@ type SSMAPI interface {
|
|||
DescribeAssociationExecutionTargetsWithContext(aws.Context, *ssm.DescribeAssociationExecutionTargetsInput, ...request.Option) (*ssm.DescribeAssociationExecutionTargetsOutput, error)
|
||||
DescribeAssociationExecutionTargetsRequest(*ssm.DescribeAssociationExecutionTargetsInput) (*request.Request, *ssm.DescribeAssociationExecutionTargetsOutput)
|
||||
|
||||
DescribeAssociationExecutionTargetsPages(*ssm.DescribeAssociationExecutionTargetsInput, func(*ssm.DescribeAssociationExecutionTargetsOutput, bool) bool) error
|
||||
DescribeAssociationExecutionTargetsPagesWithContext(aws.Context, *ssm.DescribeAssociationExecutionTargetsInput, func(*ssm.DescribeAssociationExecutionTargetsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeAssociationExecutions(*ssm.DescribeAssociationExecutionsInput) (*ssm.DescribeAssociationExecutionsOutput, error)
|
||||
DescribeAssociationExecutionsWithContext(aws.Context, *ssm.DescribeAssociationExecutionsInput, ...request.Option) (*ssm.DescribeAssociationExecutionsOutput, error)
|
||||
DescribeAssociationExecutionsRequest(*ssm.DescribeAssociationExecutionsInput) (*request.Request, *ssm.DescribeAssociationExecutionsOutput)
|
||||
|
||||
DescribeAssociationExecutionsPages(*ssm.DescribeAssociationExecutionsInput, func(*ssm.DescribeAssociationExecutionsOutput, bool) bool) error
|
||||
DescribeAssociationExecutionsPagesWithContext(aws.Context, *ssm.DescribeAssociationExecutionsInput, func(*ssm.DescribeAssociationExecutionsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeAutomationExecutions(*ssm.DescribeAutomationExecutionsInput) (*ssm.DescribeAutomationExecutionsOutput, error)
|
||||
DescribeAutomationExecutionsWithContext(aws.Context, *ssm.DescribeAutomationExecutionsInput, ...request.Option) (*ssm.DescribeAutomationExecutionsOutput, error)
|
||||
DescribeAutomationExecutionsRequest(*ssm.DescribeAutomationExecutionsInput) (*request.Request, *ssm.DescribeAutomationExecutionsOutput)
|
||||
|
||||
DescribeAutomationExecutionsPages(*ssm.DescribeAutomationExecutionsInput, func(*ssm.DescribeAutomationExecutionsOutput, bool) bool) error
|
||||
DescribeAutomationExecutionsPagesWithContext(aws.Context, *ssm.DescribeAutomationExecutionsInput, func(*ssm.DescribeAutomationExecutionsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeAutomationStepExecutions(*ssm.DescribeAutomationStepExecutionsInput) (*ssm.DescribeAutomationStepExecutionsOutput, error)
|
||||
DescribeAutomationStepExecutionsWithContext(aws.Context, *ssm.DescribeAutomationStepExecutionsInput, ...request.Option) (*ssm.DescribeAutomationStepExecutionsOutput, error)
|
||||
DescribeAutomationStepExecutionsRequest(*ssm.DescribeAutomationStepExecutionsInput) (*request.Request, *ssm.DescribeAutomationStepExecutionsOutput)
|
||||
|
||||
DescribeAutomationStepExecutionsPages(*ssm.DescribeAutomationStepExecutionsInput, func(*ssm.DescribeAutomationStepExecutionsOutput, bool) bool) error
|
||||
DescribeAutomationStepExecutionsPagesWithContext(aws.Context, *ssm.DescribeAutomationStepExecutionsInput, func(*ssm.DescribeAutomationStepExecutionsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeAvailablePatches(*ssm.DescribeAvailablePatchesInput) (*ssm.DescribeAvailablePatchesOutput, error)
|
||||
DescribeAvailablePatchesWithContext(aws.Context, *ssm.DescribeAvailablePatchesInput, ...request.Option) (*ssm.DescribeAvailablePatchesOutput, error)
|
||||
DescribeAvailablePatchesRequest(*ssm.DescribeAvailablePatchesInput) (*request.Request, *ssm.DescribeAvailablePatchesOutput)
|
||||
|
||||
DescribeAvailablePatchesPages(*ssm.DescribeAvailablePatchesInput, func(*ssm.DescribeAvailablePatchesOutput, bool) bool) error
|
||||
DescribeAvailablePatchesPagesWithContext(aws.Context, *ssm.DescribeAvailablePatchesInput, func(*ssm.DescribeAvailablePatchesOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeDocument(*ssm.DescribeDocumentInput) (*ssm.DescribeDocumentOutput, error)
|
||||
DescribeDocumentWithContext(aws.Context, *ssm.DescribeDocumentInput, ...request.Option) (*ssm.DescribeDocumentOutput, error)
|
||||
DescribeDocumentRequest(*ssm.DescribeDocumentInput) (*request.Request, *ssm.DescribeDocumentOutput)
|
||||
|
@ -199,14 +214,23 @@ type SSMAPI interface {
|
|||
DescribeEffectiveInstanceAssociationsWithContext(aws.Context, *ssm.DescribeEffectiveInstanceAssociationsInput, ...request.Option) (*ssm.DescribeEffectiveInstanceAssociationsOutput, error)
|
||||
DescribeEffectiveInstanceAssociationsRequest(*ssm.DescribeEffectiveInstanceAssociationsInput) (*request.Request, *ssm.DescribeEffectiveInstanceAssociationsOutput)
|
||||
|
||||
DescribeEffectiveInstanceAssociationsPages(*ssm.DescribeEffectiveInstanceAssociationsInput, func(*ssm.DescribeEffectiveInstanceAssociationsOutput, bool) bool) error
|
||||
DescribeEffectiveInstanceAssociationsPagesWithContext(aws.Context, *ssm.DescribeEffectiveInstanceAssociationsInput, func(*ssm.DescribeEffectiveInstanceAssociationsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeEffectivePatchesForPatchBaseline(*ssm.DescribeEffectivePatchesForPatchBaselineInput) (*ssm.DescribeEffectivePatchesForPatchBaselineOutput, error)
|
||||
DescribeEffectivePatchesForPatchBaselineWithContext(aws.Context, *ssm.DescribeEffectivePatchesForPatchBaselineInput, ...request.Option) (*ssm.DescribeEffectivePatchesForPatchBaselineOutput, error)
|
||||
DescribeEffectivePatchesForPatchBaselineRequest(*ssm.DescribeEffectivePatchesForPatchBaselineInput) (*request.Request, *ssm.DescribeEffectivePatchesForPatchBaselineOutput)
|
||||
|
||||
DescribeEffectivePatchesForPatchBaselinePages(*ssm.DescribeEffectivePatchesForPatchBaselineInput, func(*ssm.DescribeEffectivePatchesForPatchBaselineOutput, bool) bool) error
|
||||
DescribeEffectivePatchesForPatchBaselinePagesWithContext(aws.Context, *ssm.DescribeEffectivePatchesForPatchBaselineInput, func(*ssm.DescribeEffectivePatchesForPatchBaselineOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeInstanceAssociationsStatus(*ssm.DescribeInstanceAssociationsStatusInput) (*ssm.DescribeInstanceAssociationsStatusOutput, error)
|
||||
DescribeInstanceAssociationsStatusWithContext(aws.Context, *ssm.DescribeInstanceAssociationsStatusInput, ...request.Option) (*ssm.DescribeInstanceAssociationsStatusOutput, error)
|
||||
DescribeInstanceAssociationsStatusRequest(*ssm.DescribeInstanceAssociationsStatusInput) (*request.Request, *ssm.DescribeInstanceAssociationsStatusOutput)
|
||||
|
||||
DescribeInstanceAssociationsStatusPages(*ssm.DescribeInstanceAssociationsStatusInput, func(*ssm.DescribeInstanceAssociationsStatusOutput, bool) bool) error
|
||||
DescribeInstanceAssociationsStatusPagesWithContext(aws.Context, *ssm.DescribeInstanceAssociationsStatusInput, func(*ssm.DescribeInstanceAssociationsStatusOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeInstanceInformation(*ssm.DescribeInstanceInformationInput) (*ssm.DescribeInstanceInformationOutput, error)
|
||||
DescribeInstanceInformationWithContext(aws.Context, *ssm.DescribeInstanceInformationInput, ...request.Option) (*ssm.DescribeInstanceInformationOutput, error)
|
||||
DescribeInstanceInformationRequest(*ssm.DescribeInstanceInformationInput) (*request.Request, *ssm.DescribeInstanceInformationOutput)
|
||||
|
@ -218,54 +242,93 @@ type SSMAPI interface {
|
|||
DescribeInstancePatchStatesWithContext(aws.Context, *ssm.DescribeInstancePatchStatesInput, ...request.Option) (*ssm.DescribeInstancePatchStatesOutput, error)
|
||||
DescribeInstancePatchStatesRequest(*ssm.DescribeInstancePatchStatesInput) (*request.Request, *ssm.DescribeInstancePatchStatesOutput)
|
||||
|
||||
DescribeInstancePatchStatesPages(*ssm.DescribeInstancePatchStatesInput, func(*ssm.DescribeInstancePatchStatesOutput, bool) bool) error
|
||||
DescribeInstancePatchStatesPagesWithContext(aws.Context, *ssm.DescribeInstancePatchStatesInput, func(*ssm.DescribeInstancePatchStatesOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeInstancePatchStatesForPatchGroup(*ssm.DescribeInstancePatchStatesForPatchGroupInput) (*ssm.DescribeInstancePatchStatesForPatchGroupOutput, error)
|
||||
DescribeInstancePatchStatesForPatchGroupWithContext(aws.Context, *ssm.DescribeInstancePatchStatesForPatchGroupInput, ...request.Option) (*ssm.DescribeInstancePatchStatesForPatchGroupOutput, error)
|
||||
DescribeInstancePatchStatesForPatchGroupRequest(*ssm.DescribeInstancePatchStatesForPatchGroupInput) (*request.Request, *ssm.DescribeInstancePatchStatesForPatchGroupOutput)
|
||||
|
||||
DescribeInstancePatchStatesForPatchGroupPages(*ssm.DescribeInstancePatchStatesForPatchGroupInput, func(*ssm.DescribeInstancePatchStatesForPatchGroupOutput, bool) bool) error
|
||||
DescribeInstancePatchStatesForPatchGroupPagesWithContext(aws.Context, *ssm.DescribeInstancePatchStatesForPatchGroupInput, func(*ssm.DescribeInstancePatchStatesForPatchGroupOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeInstancePatches(*ssm.DescribeInstancePatchesInput) (*ssm.DescribeInstancePatchesOutput, error)
|
||||
DescribeInstancePatchesWithContext(aws.Context, *ssm.DescribeInstancePatchesInput, ...request.Option) (*ssm.DescribeInstancePatchesOutput, error)
|
||||
DescribeInstancePatchesRequest(*ssm.DescribeInstancePatchesInput) (*request.Request, *ssm.DescribeInstancePatchesOutput)
|
||||
|
||||
DescribeInstancePatchesPages(*ssm.DescribeInstancePatchesInput, func(*ssm.DescribeInstancePatchesOutput, bool) bool) error
|
||||
DescribeInstancePatchesPagesWithContext(aws.Context, *ssm.DescribeInstancePatchesInput, func(*ssm.DescribeInstancePatchesOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeInventoryDeletions(*ssm.DescribeInventoryDeletionsInput) (*ssm.DescribeInventoryDeletionsOutput, error)
|
||||
DescribeInventoryDeletionsWithContext(aws.Context, *ssm.DescribeInventoryDeletionsInput, ...request.Option) (*ssm.DescribeInventoryDeletionsOutput, error)
|
||||
DescribeInventoryDeletionsRequest(*ssm.DescribeInventoryDeletionsInput) (*request.Request, *ssm.DescribeInventoryDeletionsOutput)
|
||||
|
||||
DescribeInventoryDeletionsPages(*ssm.DescribeInventoryDeletionsInput, func(*ssm.DescribeInventoryDeletionsOutput, bool) bool) error
|
||||
DescribeInventoryDeletionsPagesWithContext(aws.Context, *ssm.DescribeInventoryDeletionsInput, func(*ssm.DescribeInventoryDeletionsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeMaintenanceWindowExecutionTaskInvocations(*ssm.DescribeMaintenanceWindowExecutionTaskInvocationsInput) (*ssm.DescribeMaintenanceWindowExecutionTaskInvocationsOutput, error)
|
||||
DescribeMaintenanceWindowExecutionTaskInvocationsWithContext(aws.Context, *ssm.DescribeMaintenanceWindowExecutionTaskInvocationsInput, ...request.Option) (*ssm.DescribeMaintenanceWindowExecutionTaskInvocationsOutput, error)
|
||||
DescribeMaintenanceWindowExecutionTaskInvocationsRequest(*ssm.DescribeMaintenanceWindowExecutionTaskInvocationsInput) (*request.Request, *ssm.DescribeMaintenanceWindowExecutionTaskInvocationsOutput)
|
||||
|
||||
DescribeMaintenanceWindowExecutionTaskInvocationsPages(*ssm.DescribeMaintenanceWindowExecutionTaskInvocationsInput, func(*ssm.DescribeMaintenanceWindowExecutionTaskInvocationsOutput, bool) bool) error
|
||||
DescribeMaintenanceWindowExecutionTaskInvocationsPagesWithContext(aws.Context, *ssm.DescribeMaintenanceWindowExecutionTaskInvocationsInput, func(*ssm.DescribeMaintenanceWindowExecutionTaskInvocationsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeMaintenanceWindowExecutionTasks(*ssm.DescribeMaintenanceWindowExecutionTasksInput) (*ssm.DescribeMaintenanceWindowExecutionTasksOutput, error)
|
||||
DescribeMaintenanceWindowExecutionTasksWithContext(aws.Context, *ssm.DescribeMaintenanceWindowExecutionTasksInput, ...request.Option) (*ssm.DescribeMaintenanceWindowExecutionTasksOutput, error)
|
||||
DescribeMaintenanceWindowExecutionTasksRequest(*ssm.DescribeMaintenanceWindowExecutionTasksInput) (*request.Request, *ssm.DescribeMaintenanceWindowExecutionTasksOutput)
|
||||
|
||||
DescribeMaintenanceWindowExecutionTasksPages(*ssm.DescribeMaintenanceWindowExecutionTasksInput, func(*ssm.DescribeMaintenanceWindowExecutionTasksOutput, bool) bool) error
|
||||
DescribeMaintenanceWindowExecutionTasksPagesWithContext(aws.Context, *ssm.DescribeMaintenanceWindowExecutionTasksInput, func(*ssm.DescribeMaintenanceWindowExecutionTasksOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeMaintenanceWindowExecutions(*ssm.DescribeMaintenanceWindowExecutionsInput) (*ssm.DescribeMaintenanceWindowExecutionsOutput, error)
|
||||
DescribeMaintenanceWindowExecutionsWithContext(aws.Context, *ssm.DescribeMaintenanceWindowExecutionsInput, ...request.Option) (*ssm.DescribeMaintenanceWindowExecutionsOutput, error)
|
||||
DescribeMaintenanceWindowExecutionsRequest(*ssm.DescribeMaintenanceWindowExecutionsInput) (*request.Request, *ssm.DescribeMaintenanceWindowExecutionsOutput)
|
||||
|
||||
DescribeMaintenanceWindowExecutionsPages(*ssm.DescribeMaintenanceWindowExecutionsInput, func(*ssm.DescribeMaintenanceWindowExecutionsOutput, bool) bool) error
|
||||
DescribeMaintenanceWindowExecutionsPagesWithContext(aws.Context, *ssm.DescribeMaintenanceWindowExecutionsInput, func(*ssm.DescribeMaintenanceWindowExecutionsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeMaintenanceWindowSchedule(*ssm.DescribeMaintenanceWindowScheduleInput) (*ssm.DescribeMaintenanceWindowScheduleOutput, error)
|
||||
DescribeMaintenanceWindowScheduleWithContext(aws.Context, *ssm.DescribeMaintenanceWindowScheduleInput, ...request.Option) (*ssm.DescribeMaintenanceWindowScheduleOutput, error)
|
||||
DescribeMaintenanceWindowScheduleRequest(*ssm.DescribeMaintenanceWindowScheduleInput) (*request.Request, *ssm.DescribeMaintenanceWindowScheduleOutput)
|
||||
|
||||
DescribeMaintenanceWindowSchedulePages(*ssm.DescribeMaintenanceWindowScheduleInput, func(*ssm.DescribeMaintenanceWindowScheduleOutput, bool) bool) error
|
||||
DescribeMaintenanceWindowSchedulePagesWithContext(aws.Context, *ssm.DescribeMaintenanceWindowScheduleInput, func(*ssm.DescribeMaintenanceWindowScheduleOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeMaintenanceWindowTargets(*ssm.DescribeMaintenanceWindowTargetsInput) (*ssm.DescribeMaintenanceWindowTargetsOutput, error)
|
||||
DescribeMaintenanceWindowTargetsWithContext(aws.Context, *ssm.DescribeMaintenanceWindowTargetsInput, ...request.Option) (*ssm.DescribeMaintenanceWindowTargetsOutput, error)
|
||||
DescribeMaintenanceWindowTargetsRequest(*ssm.DescribeMaintenanceWindowTargetsInput) (*request.Request, *ssm.DescribeMaintenanceWindowTargetsOutput)
|
||||
|
||||
DescribeMaintenanceWindowTargetsPages(*ssm.DescribeMaintenanceWindowTargetsInput, func(*ssm.DescribeMaintenanceWindowTargetsOutput, bool) bool) error
|
||||
DescribeMaintenanceWindowTargetsPagesWithContext(aws.Context, *ssm.DescribeMaintenanceWindowTargetsInput, func(*ssm.DescribeMaintenanceWindowTargetsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeMaintenanceWindowTasks(*ssm.DescribeMaintenanceWindowTasksInput) (*ssm.DescribeMaintenanceWindowTasksOutput, error)
|
||||
DescribeMaintenanceWindowTasksWithContext(aws.Context, *ssm.DescribeMaintenanceWindowTasksInput, ...request.Option) (*ssm.DescribeMaintenanceWindowTasksOutput, error)
|
||||
DescribeMaintenanceWindowTasksRequest(*ssm.DescribeMaintenanceWindowTasksInput) (*request.Request, *ssm.DescribeMaintenanceWindowTasksOutput)
|
||||
|
||||
DescribeMaintenanceWindowTasksPages(*ssm.DescribeMaintenanceWindowTasksInput, func(*ssm.DescribeMaintenanceWindowTasksOutput, bool) bool) error
|
||||
DescribeMaintenanceWindowTasksPagesWithContext(aws.Context, *ssm.DescribeMaintenanceWindowTasksInput, func(*ssm.DescribeMaintenanceWindowTasksOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeMaintenanceWindows(*ssm.DescribeMaintenanceWindowsInput) (*ssm.DescribeMaintenanceWindowsOutput, error)
|
||||
DescribeMaintenanceWindowsWithContext(aws.Context, *ssm.DescribeMaintenanceWindowsInput, ...request.Option) (*ssm.DescribeMaintenanceWindowsOutput, error)
|
||||
DescribeMaintenanceWindowsRequest(*ssm.DescribeMaintenanceWindowsInput) (*request.Request, *ssm.DescribeMaintenanceWindowsOutput)
|
||||
|
||||
DescribeMaintenanceWindowsPages(*ssm.DescribeMaintenanceWindowsInput, func(*ssm.DescribeMaintenanceWindowsOutput, bool) bool) error
|
||||
DescribeMaintenanceWindowsPagesWithContext(aws.Context, *ssm.DescribeMaintenanceWindowsInput, func(*ssm.DescribeMaintenanceWindowsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeMaintenanceWindowsForTarget(*ssm.DescribeMaintenanceWindowsForTargetInput) (*ssm.DescribeMaintenanceWindowsForTargetOutput, error)
|
||||
DescribeMaintenanceWindowsForTargetWithContext(aws.Context, *ssm.DescribeMaintenanceWindowsForTargetInput, ...request.Option) (*ssm.DescribeMaintenanceWindowsForTargetOutput, error)
|
||||
DescribeMaintenanceWindowsForTargetRequest(*ssm.DescribeMaintenanceWindowsForTargetInput) (*request.Request, *ssm.DescribeMaintenanceWindowsForTargetOutput)
|
||||
|
||||
DescribeMaintenanceWindowsForTargetPages(*ssm.DescribeMaintenanceWindowsForTargetInput, func(*ssm.DescribeMaintenanceWindowsForTargetOutput, bool) bool) error
|
||||
DescribeMaintenanceWindowsForTargetPagesWithContext(aws.Context, *ssm.DescribeMaintenanceWindowsForTargetInput, func(*ssm.DescribeMaintenanceWindowsForTargetOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeOpsItems(*ssm.DescribeOpsItemsInput) (*ssm.DescribeOpsItemsOutput, error)
|
||||
DescribeOpsItemsWithContext(aws.Context, *ssm.DescribeOpsItemsInput, ...request.Option) (*ssm.DescribeOpsItemsOutput, error)
|
||||
DescribeOpsItemsRequest(*ssm.DescribeOpsItemsInput) (*request.Request, *ssm.DescribeOpsItemsOutput)
|
||||
|
||||
DescribeOpsItemsPages(*ssm.DescribeOpsItemsInput, func(*ssm.DescribeOpsItemsOutput, bool) bool) error
|
||||
DescribeOpsItemsPagesWithContext(aws.Context, *ssm.DescribeOpsItemsInput, func(*ssm.DescribeOpsItemsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeParameters(*ssm.DescribeParametersInput) (*ssm.DescribeParametersOutput, error)
|
||||
DescribeParametersWithContext(aws.Context, *ssm.DescribeParametersInput, ...request.Option) (*ssm.DescribeParametersOutput, error)
|
||||
DescribeParametersRequest(*ssm.DescribeParametersInput) (*request.Request, *ssm.DescribeParametersOutput)
|
||||
|
@ -277,6 +340,9 @@ type SSMAPI interface {
|
|||
DescribePatchBaselinesWithContext(aws.Context, *ssm.DescribePatchBaselinesInput, ...request.Option) (*ssm.DescribePatchBaselinesOutput, error)
|
||||
DescribePatchBaselinesRequest(*ssm.DescribePatchBaselinesInput) (*request.Request, *ssm.DescribePatchBaselinesOutput)
|
||||
|
||||
DescribePatchBaselinesPages(*ssm.DescribePatchBaselinesInput, func(*ssm.DescribePatchBaselinesOutput, bool) bool) error
|
||||
DescribePatchBaselinesPagesWithContext(aws.Context, *ssm.DescribePatchBaselinesInput, func(*ssm.DescribePatchBaselinesOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribePatchGroupState(*ssm.DescribePatchGroupStateInput) (*ssm.DescribePatchGroupStateOutput, error)
|
||||
DescribePatchGroupStateWithContext(aws.Context, *ssm.DescribePatchGroupStateInput, ...request.Option) (*ssm.DescribePatchGroupStateOutput, error)
|
||||
DescribePatchGroupStateRequest(*ssm.DescribePatchGroupStateInput) (*request.Request, *ssm.DescribePatchGroupStateOutput)
|
||||
|
@ -285,14 +351,23 @@ type SSMAPI interface {
|
|||
DescribePatchGroupsWithContext(aws.Context, *ssm.DescribePatchGroupsInput, ...request.Option) (*ssm.DescribePatchGroupsOutput, error)
|
||||
DescribePatchGroupsRequest(*ssm.DescribePatchGroupsInput) (*request.Request, *ssm.DescribePatchGroupsOutput)
|
||||
|
||||
DescribePatchGroupsPages(*ssm.DescribePatchGroupsInput, func(*ssm.DescribePatchGroupsOutput, bool) bool) error
|
||||
DescribePatchGroupsPagesWithContext(aws.Context, *ssm.DescribePatchGroupsInput, func(*ssm.DescribePatchGroupsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribePatchProperties(*ssm.DescribePatchPropertiesInput) (*ssm.DescribePatchPropertiesOutput, error)
|
||||
DescribePatchPropertiesWithContext(aws.Context, *ssm.DescribePatchPropertiesInput, ...request.Option) (*ssm.DescribePatchPropertiesOutput, error)
|
||||
DescribePatchPropertiesRequest(*ssm.DescribePatchPropertiesInput) (*request.Request, *ssm.DescribePatchPropertiesOutput)
|
||||
|
||||
DescribePatchPropertiesPages(*ssm.DescribePatchPropertiesInput, func(*ssm.DescribePatchPropertiesOutput, bool) bool) error
|
||||
DescribePatchPropertiesPagesWithContext(aws.Context, *ssm.DescribePatchPropertiesInput, func(*ssm.DescribePatchPropertiesOutput, bool) bool, ...request.Option) error
|
||||
|
||||
DescribeSessions(*ssm.DescribeSessionsInput) (*ssm.DescribeSessionsOutput, error)
|
||||
DescribeSessionsWithContext(aws.Context, *ssm.DescribeSessionsInput, ...request.Option) (*ssm.DescribeSessionsOutput, error)
|
||||
DescribeSessionsRequest(*ssm.DescribeSessionsInput) (*request.Request, *ssm.DescribeSessionsOutput)
|
||||
|
||||
DescribeSessionsPages(*ssm.DescribeSessionsInput, func(*ssm.DescribeSessionsOutput, bool) bool) error
|
||||
DescribeSessionsPagesWithContext(aws.Context, *ssm.DescribeSessionsInput, func(*ssm.DescribeSessionsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
GetAutomationExecution(*ssm.GetAutomationExecutionInput) (*ssm.GetAutomationExecutionOutput, error)
|
||||
GetAutomationExecutionWithContext(aws.Context, *ssm.GetAutomationExecutionInput, ...request.Option) (*ssm.GetAutomationExecutionOutput, error)
|
||||
GetAutomationExecutionRequest(*ssm.GetAutomationExecutionInput) (*request.Request, *ssm.GetAutomationExecutionOutput)
|
||||
|
@ -325,10 +400,16 @@ type SSMAPI interface {
|
|||
GetInventoryWithContext(aws.Context, *ssm.GetInventoryInput, ...request.Option) (*ssm.GetInventoryOutput, error)
|
||||
GetInventoryRequest(*ssm.GetInventoryInput) (*request.Request, *ssm.GetInventoryOutput)
|
||||
|
||||
GetInventoryPages(*ssm.GetInventoryInput, func(*ssm.GetInventoryOutput, bool) bool) error
|
||||
GetInventoryPagesWithContext(aws.Context, *ssm.GetInventoryInput, func(*ssm.GetInventoryOutput, bool) bool, ...request.Option) error
|
||||
|
||||
GetInventorySchema(*ssm.GetInventorySchemaInput) (*ssm.GetInventorySchemaOutput, error)
|
||||
GetInventorySchemaWithContext(aws.Context, *ssm.GetInventorySchemaInput, ...request.Option) (*ssm.GetInventorySchemaOutput, error)
|
||||
GetInventorySchemaRequest(*ssm.GetInventorySchemaInput) (*request.Request, *ssm.GetInventorySchemaOutput)
|
||||
|
||||
GetInventorySchemaPages(*ssm.GetInventorySchemaInput, func(*ssm.GetInventorySchemaOutput, bool) bool) error
|
||||
GetInventorySchemaPagesWithContext(aws.Context, *ssm.GetInventorySchemaInput, func(*ssm.GetInventorySchemaOutput, bool) bool, ...request.Option) error
|
||||
|
||||
GetMaintenanceWindow(*ssm.GetMaintenanceWindowInput) (*ssm.GetMaintenanceWindowOutput, error)
|
||||
GetMaintenanceWindowWithContext(aws.Context, *ssm.GetMaintenanceWindowInput, ...request.Option) (*ssm.GetMaintenanceWindowOutput, error)
|
||||
GetMaintenanceWindowRequest(*ssm.GetMaintenanceWindowInput) (*request.Request, *ssm.GetMaintenanceWindowOutput)
|
||||
|
@ -357,6 +438,9 @@ type SSMAPI interface {
|
|||
GetOpsSummaryWithContext(aws.Context, *ssm.GetOpsSummaryInput, ...request.Option) (*ssm.GetOpsSummaryOutput, error)
|
||||
GetOpsSummaryRequest(*ssm.GetOpsSummaryInput) (*request.Request, *ssm.GetOpsSummaryOutput)
|
||||
|
||||
GetOpsSummaryPages(*ssm.GetOpsSummaryInput, func(*ssm.GetOpsSummaryOutput, bool) bool) error
|
||||
GetOpsSummaryPagesWithContext(aws.Context, *ssm.GetOpsSummaryInput, func(*ssm.GetOpsSummaryOutput, bool) bool, ...request.Option) error
|
||||
|
||||
GetParameter(*ssm.GetParameterInput) (*ssm.GetParameterOutput, error)
|
||||
GetParameterWithContext(aws.Context, *ssm.GetParameterInput, ...request.Option) (*ssm.GetParameterOutput, error)
|
||||
GetParameterRequest(*ssm.GetParameterInput) (*request.Request, *ssm.GetParameterOutput)
|
||||
|
@ -399,6 +483,9 @@ type SSMAPI interface {
|
|||
ListAssociationVersionsWithContext(aws.Context, *ssm.ListAssociationVersionsInput, ...request.Option) (*ssm.ListAssociationVersionsOutput, error)
|
||||
ListAssociationVersionsRequest(*ssm.ListAssociationVersionsInput) (*request.Request, *ssm.ListAssociationVersionsOutput)
|
||||
|
||||
ListAssociationVersionsPages(*ssm.ListAssociationVersionsInput, func(*ssm.ListAssociationVersionsOutput, bool) bool) error
|
||||
ListAssociationVersionsPagesWithContext(aws.Context, *ssm.ListAssociationVersionsInput, func(*ssm.ListAssociationVersionsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
ListAssociations(*ssm.ListAssociationsInput) (*ssm.ListAssociationsOutput, error)
|
||||
ListAssociationsWithContext(aws.Context, *ssm.ListAssociationsInput, ...request.Option) (*ssm.ListAssociationsOutput, error)
|
||||
ListAssociationsRequest(*ssm.ListAssociationsInput) (*request.Request, *ssm.ListAssociationsOutput)
|
||||
|
@ -424,14 +511,23 @@ type SSMAPI interface {
|
|||
ListComplianceItemsWithContext(aws.Context, *ssm.ListComplianceItemsInput, ...request.Option) (*ssm.ListComplianceItemsOutput, error)
|
||||
ListComplianceItemsRequest(*ssm.ListComplianceItemsInput) (*request.Request, *ssm.ListComplianceItemsOutput)
|
||||
|
||||
ListComplianceItemsPages(*ssm.ListComplianceItemsInput, func(*ssm.ListComplianceItemsOutput, bool) bool) error
|
||||
ListComplianceItemsPagesWithContext(aws.Context, *ssm.ListComplianceItemsInput, func(*ssm.ListComplianceItemsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
ListComplianceSummaries(*ssm.ListComplianceSummariesInput) (*ssm.ListComplianceSummariesOutput, error)
|
||||
ListComplianceSummariesWithContext(aws.Context, *ssm.ListComplianceSummariesInput, ...request.Option) (*ssm.ListComplianceSummariesOutput, error)
|
||||
ListComplianceSummariesRequest(*ssm.ListComplianceSummariesInput) (*request.Request, *ssm.ListComplianceSummariesOutput)
|
||||
|
||||
ListComplianceSummariesPages(*ssm.ListComplianceSummariesInput, func(*ssm.ListComplianceSummariesOutput, bool) bool) error
|
||||
ListComplianceSummariesPagesWithContext(aws.Context, *ssm.ListComplianceSummariesInput, func(*ssm.ListComplianceSummariesOutput, bool) bool, ...request.Option) error
|
||||
|
||||
ListDocumentVersions(*ssm.ListDocumentVersionsInput) (*ssm.ListDocumentVersionsOutput, error)
|
||||
ListDocumentVersionsWithContext(aws.Context, *ssm.ListDocumentVersionsInput, ...request.Option) (*ssm.ListDocumentVersionsOutput, error)
|
||||
ListDocumentVersionsRequest(*ssm.ListDocumentVersionsInput) (*request.Request, *ssm.ListDocumentVersionsOutput)
|
||||
|
||||
ListDocumentVersionsPages(*ssm.ListDocumentVersionsInput, func(*ssm.ListDocumentVersionsOutput, bool) bool) error
|
||||
ListDocumentVersionsPagesWithContext(aws.Context, *ssm.ListDocumentVersionsInput, func(*ssm.ListDocumentVersionsOutput, bool) bool, ...request.Option) error
|
||||
|
||||
ListDocuments(*ssm.ListDocumentsInput) (*ssm.ListDocumentsOutput, error)
|
||||
ListDocumentsWithContext(aws.Context, *ssm.ListDocumentsInput, ...request.Option) (*ssm.ListDocumentsOutput, error)
|
||||
ListDocumentsRequest(*ssm.ListDocumentsInput) (*request.Request, *ssm.ListDocumentsOutput)
|
||||
|
@ -447,10 +543,16 @@ type SSMAPI interface {
|
|||
ListResourceComplianceSummariesWithContext(aws.Context, *ssm.ListResourceComplianceSummariesInput, ...request.Option) (*ssm.ListResourceComplianceSummariesOutput, error)
|
||||
ListResourceComplianceSummariesRequest(*ssm.ListResourceComplianceSummariesInput) (*request.Request, *ssm.ListResourceComplianceSummariesOutput)
|
||||
|
||||
ListResourceComplianceSummariesPages(*ssm.ListResourceComplianceSummariesInput, func(*ssm.ListResourceComplianceSummariesOutput, bool) bool) error
|
||||
ListResourceComplianceSummariesPagesWithContext(aws.Context, *ssm.ListResourceComplianceSummariesInput, func(*ssm.ListResourceComplianceSummariesOutput, bool) bool, ...request.Option) error
|
||||
|
||||
ListResourceDataSync(*ssm.ListResourceDataSyncInput) (*ssm.ListResourceDataSyncOutput, error)
|
||||
ListResourceDataSyncWithContext(aws.Context, *ssm.ListResourceDataSyncInput, ...request.Option) (*ssm.ListResourceDataSyncOutput, error)
|
||||
ListResourceDataSyncRequest(*ssm.ListResourceDataSyncInput) (*request.Request, *ssm.ListResourceDataSyncOutput)
|
||||
|
||||
ListResourceDataSyncPages(*ssm.ListResourceDataSyncInput, func(*ssm.ListResourceDataSyncOutput, bool) bool) error
|
||||
ListResourceDataSyncPagesWithContext(aws.Context, *ssm.ListResourceDataSyncInput, func(*ssm.ListResourceDataSyncOutput, bool) bool, ...request.Option) error
|
||||
|
||||
ListTagsForResource(*ssm.ListTagsForResourceInput) (*ssm.ListTagsForResourceOutput, error)
|
||||
ListTagsForResourceWithContext(aws.Context, *ssm.ListTagsForResourceInput, ...request.Option) (*ssm.ListTagsForResourceOutput, error)
|
||||
ListTagsForResourceRequest(*ssm.ListTagsForResourceInput) (*request.Request, *ssm.ListTagsForResourceOutput)
|
||||
|
@ -574,6 +676,9 @@ type SSMAPI interface {
|
|||
UpdateServiceSetting(*ssm.UpdateServiceSettingInput) (*ssm.UpdateServiceSettingOutput, error)
|
||||
UpdateServiceSettingWithContext(aws.Context, *ssm.UpdateServiceSettingInput, ...request.Option) (*ssm.UpdateServiceSettingOutput, error)
|
||||
UpdateServiceSettingRequest(*ssm.UpdateServiceSettingInput) (*request.Request, *ssm.UpdateServiceSettingOutput)
|
||||
|
||||
WaitUntilCommandExecuted(*ssm.GetCommandInvocationInput) error
|
||||
WaitUntilCommandExecutedWithContext(aws.Context, *ssm.GetCommandInvocationInput, ...request.WaiterOption) error
|
||||
}
|
||||
|
||||
var _ SSMAPI = (*ssm.SSM)(nil)
|
||||
|
|
|
@ -0,0 +1,91 @@
|
|||
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
|
||||
|
||||
package ssm
|
||||
|
||||
import (
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
)
|
||||
|
||||
// WaitUntilCommandExecuted uses the Amazon SSM API operation
|
||||
// GetCommandInvocation to wait for a condition to be met before returning.
|
||||
// If the condition is not met within the max attempt window, an error will
|
||||
// be returned.
|
||||
func (c *SSM) WaitUntilCommandExecuted(input *GetCommandInvocationInput) error {
|
||||
return c.WaitUntilCommandExecutedWithContext(aws.BackgroundContext(), input)
|
||||
}
|
||||
|
||||
// WaitUntilCommandExecutedWithContext is an extended version of WaitUntilCommandExecuted.
|
||||
// With the support for passing in a context and options to configure the
|
||||
// Waiter and the underlying request options.
|
||||
//
|
||||
// The context must be non-nil and will be used for request cancellation. If
|
||||
// the context is nil a panic will occur. In the future the SDK may create
|
||||
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
||||
// for more information on using Contexts.
|
||||
func (c *SSM) WaitUntilCommandExecutedWithContext(ctx aws.Context, input *GetCommandInvocationInput, opts ...request.WaiterOption) error {
|
||||
w := request.Waiter{
|
||||
Name: "WaitUntilCommandExecuted",
|
||||
MaxAttempts: 20,
|
||||
Delay: request.ConstantWaiterDelay(5 * time.Second),
|
||||
Acceptors: []request.WaiterAcceptor{
|
||||
{
|
||||
State: request.RetryWaiterState,
|
||||
Matcher: request.PathWaiterMatch, Argument: "Status",
|
||||
Expected: "Pending",
|
||||
},
|
||||
{
|
||||
State: request.RetryWaiterState,
|
||||
Matcher: request.PathWaiterMatch, Argument: "Status",
|
||||
Expected: "InProgress",
|
||||
},
|
||||
{
|
||||
State: request.RetryWaiterState,
|
||||
Matcher: request.PathWaiterMatch, Argument: "Status",
|
||||
Expected: "Delayed",
|
||||
},
|
||||
{
|
||||
State: request.SuccessWaiterState,
|
||||
Matcher: request.PathWaiterMatch, Argument: "Status",
|
||||
Expected: "Success",
|
||||
},
|
||||
{
|
||||
State: request.FailureWaiterState,
|
||||
Matcher: request.PathWaiterMatch, Argument: "Status",
|
||||
Expected: "Cancelled",
|
||||
},
|
||||
{
|
||||
State: request.FailureWaiterState,
|
||||
Matcher: request.PathWaiterMatch, Argument: "Status",
|
||||
Expected: "TimedOut",
|
||||
},
|
||||
{
|
||||
State: request.FailureWaiterState,
|
||||
Matcher: request.PathWaiterMatch, Argument: "Status",
|
||||
Expected: "Failed",
|
||||
},
|
||||
{
|
||||
State: request.FailureWaiterState,
|
||||
Matcher: request.PathWaiterMatch, Argument: "Status",
|
||||
Expected: "Cancelling",
|
||||
},
|
||||
},
|
||||
Logger: c.Config.Logger,
|
||||
NewRequest: func(opts []request.Option) (*request.Request, error) {
|
||||
var inCpy *GetCommandInvocationInput
|
||||
if input != nil {
|
||||
tmp := *input
|
||||
inCpy = &tmp
|
||||
}
|
||||
req, _ := c.GetCommandInvocationRequest(inCpy)
|
||||
req.SetContext(ctx)
|
||||
req.ApplyOptions(opts...)
|
||||
return req, nil
|
||||
},
|
||||
}
|
||||
w.ApplyOptions(opts...)
|
||||
|
||||
return w.WaitWithContext(ctx)
|
||||
}
|
|
@ -1788,7 +1788,7 @@ type AssumeRoleWithSAMLInput struct {
|
|||
// in the IAM User Guide.
|
||||
//
|
||||
// SAMLAssertion is a required field
|
||||
SAMLAssertion *string `min:"4" type:"string" required:"true"`
|
||||
SAMLAssertion *string `min:"4" type:"string" required:"true" sensitive:"true"`
|
||||
}
|
||||
|
||||
// String returns the string representation
|
||||
|
@ -2100,7 +2100,7 @@ type AssumeRoleWithWebIdentityInput struct {
|
|||
// the application makes an AssumeRoleWithWebIdentity call.
|
||||
//
|
||||
// WebIdentityToken is a required field
|
||||
WebIdentityToken *string `min:"4" type:"string" required:"true"`
|
||||
WebIdentityToken *string `min:"4" type:"string" required:"true" sensitive:"true"`
|
||||
}
|
||||
|
||||
// String returns the string representation
|
||||
|
|
|
@ -104,7 +104,7 @@ github.com/approvals/go-approval-tests/utils
|
|||
github.com/armon/go-metrics
|
||||
# github.com/armon/go-radix v1.0.0
|
||||
github.com/armon/go-radix
|
||||
# github.com/aws/aws-sdk-go v1.30.8
|
||||
# github.com/aws/aws-sdk-go v1.34.26
|
||||
github.com/aws/aws-sdk-go/aws
|
||||
github.com/aws/aws-sdk-go/aws/arn
|
||||
github.com/aws/aws-sdk-go/aws/awserr
|
||||
|
@ -134,6 +134,7 @@ github.com/aws/aws-sdk-go/internal/sdkuri
|
|||
github.com/aws/aws-sdk-go/internal/shareddefaults
|
||||
github.com/aws/aws-sdk-go/internal/strings
|
||||
github.com/aws/aws-sdk-go/internal/sync/singleflight
|
||||
github.com/aws/aws-sdk-go/private/checksum
|
||||
github.com/aws/aws-sdk-go/private/protocol
|
||||
github.com/aws/aws-sdk-go/private/protocol/ec2query
|
||||
github.com/aws/aws-sdk-go/private/protocol/eventstream
|
||||
|
|
|
@ -106,6 +106,12 @@ Block devices can be nested in the
|
|||
|
||||
@include 'builder/amazon/common/AccessConfig-not-required.mdx'
|
||||
|
||||
### Assume Role Configuration
|
||||
|
||||
@include 'builder/amazon/common/AssumeRoleConfig.mdx'
|
||||
|
||||
@include 'builder/amazon/common/AssumeRoleConfig-not-required.mdx'
|
||||
|
||||
### Polling Configuration
|
||||
|
||||
@include 'builder/amazon/common/AWSPollingConfig.mdx'
|
||||
|
|
|
@ -69,6 +69,12 @@ necessary for this build to succeed and can be found further down the page.
|
|||
|
||||
@include 'builder/amazon/common/AccessConfig-not-required.mdx'
|
||||
|
||||
### Assume Role Configuration
|
||||
|
||||
@include 'builder/amazon/common/AssumeRoleConfig.mdx'
|
||||
|
||||
@include 'builder/amazon/common/AssumeRoleConfig-not-required.mdx'
|
||||
|
||||
### Polling Configuration
|
||||
|
||||
@include 'builder/amazon/common/AWSPollingConfig.mdx'
|
||||
|
|
|
@ -65,6 +65,12 @@ necessary for this build to succeed and can be found further down the page.
|
|||
|
||||
@include 'builder/amazon/common/AccessConfig-not-required.mdx'
|
||||
|
||||
### Assume Role Configuration
|
||||
|
||||
@include 'builder/amazon/common/AssumeRoleConfig.mdx'
|
||||
|
||||
@include 'builder/amazon/common/AssumeRoleConfig-not-required.mdx'
|
||||
|
||||
### Polling Configuration
|
||||
|
||||
@include 'builder/amazon/common/AWSPollingConfig.mdx'
|
||||
|
|
|
@ -57,6 +57,12 @@ necessary for this build to succeed and can be found further down the page.
|
|||
|
||||
@include 'builder/amazon/common/AccessConfig-not-required.mdx'
|
||||
|
||||
### Assume Role Configuration
|
||||
|
||||
@include 'builder/amazon/common/AssumeRoleConfig.mdx'
|
||||
|
||||
@include 'builder/amazon/common/AssumeRoleConfig-not-required.mdx'
|
||||
|
||||
### Polling Configuration
|
||||
|
||||
@include 'builder/amazon/common/AWSPollingConfig.mdx'
|
||||
|
|
|
@ -93,6 +93,16 @@ source "amazon-ebs" "basic-example" {
|
|||
</Tab>
|
||||
</Tabs>
|
||||
|
||||
If you would like, you may also assume a role using the assume_role
|
||||
configuration option. You must still have one of the valid credential resources
|
||||
explained above, and your user must have permission to assume the role in
|
||||
question. This is a way of running Packer with a more restrictive set of
|
||||
permissions than your user.
|
||||
|
||||
@include 'builder/amazon/common/AssumeRoleConfig.mdx'
|
||||
|
||||
@include 'builder/amazon/common/AssumeRoleConfig-not-required.mdx'
|
||||
|
||||
### Environment variables
|
||||
|
||||
You can provide your credentials via the `AWS_ACCESS_KEY_ID` and
|
||||
|
|
|
@ -85,6 +85,12 @@ necessary for this build to succeed and can be found further down the page.
|
|||
|
||||
@include 'builder/amazon/common/AccessConfig-not-required.mdx'
|
||||
|
||||
### Assume Role Configuration
|
||||
|
||||
@include 'builder/amazon/common/AssumeRoleConfig.mdx'
|
||||
|
||||
@include 'builder/amazon/common/AssumeRoleConfig-not-required.mdx'
|
||||
|
||||
### Polling Configuration
|
||||
|
||||
@include 'builder/amazon/common/AWSPollingConfig.mdx'
|
||||
|
|
|
@ -1,9 +1,16 @@
|
|||
<!-- Code generated from the comments of the AccessConfig struct in builder/amazon/common/access_config.go; DO NOT EDIT MANUALLY -->
|
||||
|
||||
- `assume_role` (AssumeRoleConfig) - If provided with a role ARN, Packer will attempt to assume this role
|
||||
using the supplied credentials. See
|
||||
[AssumeRoleConfig](#assume-role-configuration) below for more
|
||||
details on all of the options available, and for a usage example.
|
||||
|
||||
- `custom_endpoint_ec2` (string) - This option is useful if you use a cloud
|
||||
provider whose API is compatible with aws EC2. Specify another endpoint
|
||||
like this https://ec2.custom.endpoint.com.
|
||||
|
||||
- `shared_credentials_file` (string) - Path to a credentials file to load credentials from
|
||||
|
||||
- `decode_authorization_messages` (bool) - Enable automatic decoding of any encoded authorization (error) messages
|
||||
using the `sts:DecodeAuthorizationMessage` API. Note: requires that the
|
||||
effective user/role have permissions to `sts:DecodeAuthorizationMessage`
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
<!-- Code generated from the comments of the AssumeRoleConfig struct in builder/amazon/common/access_config.go; DO NOT EDIT MANUALLY -->
|
||||
|
||||
- `role_arn` (string) - Amazon Resource Name (ARN) of the IAM Role to assume.
|
||||
|
||||
- `duration_seconds` (int) - Number of seconds to restrict the assume role session duration.
|
||||
|
||||
- `external_id` (string) - The external ID to use when assuming the role. If omitted, no external
|
||||
ID is passed to the AssumeRole call.
|
||||
|
||||
- `policy` (string) - IAM Policy JSON describing further restricting permissions for the IAM
|
||||
Role being assumed.
|
||||
|
||||
- `policy_arns` ([]string) - Set of Amazon Resource Names (ARNs) of IAM Policies describing further
|
||||
restricting permissions for the IAM Role being
|
||||
|
||||
- `session_name` (string) - Session name to use when assuming the role.
|
||||
|
||||
- `tags` (map[string]string) - Map of assume role session tags.
|
||||
|
||||
- `transitive_tag_keys` ([]string) - Set of assume role session tag keys to pass to any subsequent sessions.
|
|
@ -0,0 +1,31 @@
|
|||
<!-- Code generated from the comments of the AssumeRoleConfig struct in builder/amazon/common/access_config.go; DO NOT EDIT MANUALLY -->
|
||||
|
||||
AssumeRoleConfig lets users set configuration options for assuming a special
|
||||
role when executing Packer.
|
||||
|
||||
Usage example:
|
||||
|
||||
HCL config example:
|
||||
|
||||
```HCL
|
||||
source "example" "amazon-ebs"{
|
||||
assume_role {
|
||||
role_arn = "arn:aws:iam::ACCOUNT_ID:role/ROLE_NAME"
|
||||
session_name = "SESSION_NAME"
|
||||
external_id = "EXTERNAL_ID"
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
JSON config example:
|
||||
|
||||
```json
|
||||
builder{
|
||||
"type": "amazon-ebs",
|
||||
"assume_role": {
|
||||
"role_arn" : "arn:aws:iam::ACCOUNT_ID:role/ROLE_NAME",
|
||||
"session_name": "SESSION_NAME",
|
||||
"external_id" : "EXTERNAL_ID"
|
||||
}
|
||||
}
|
||||
```
|
Loading…
Reference in New Issue