mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-12-18 11:00:25 +00:00
rebase: Bump github.com/aws/aws-sdk-go from 1.44.295 to 1.44.298
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.295 to 1.44.298. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.295...v1.44.298) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
parent
d231cde05e
commit
7d38757aaa
2
go.mod
2
go.mod
@ -4,7 +4,7 @@ go 1.20
|
||||
|
||||
require (
|
||||
github.com/IBM/keyprotect-go-client v0.10.0
|
||||
github.com/aws/aws-sdk-go v1.44.295
|
||||
github.com/aws/aws-sdk-go v1.44.298
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.19.2
|
||||
github.com/ceph/ceph-csi/api v0.0.0-00010101000000-000000000000
|
||||
// TODO: API for managing subvolume metadata and snapshot metadata requires `ceph_ci_untested` build-tag
|
||||
|
4
go.sum
4
go.sum
@ -154,8 +154,8 @@ github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4
|
||||
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
|
||||
github.com/aws/aws-sdk-go v1.25.37/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
|
||||
github.com/aws/aws-sdk-go v1.25.41/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
|
||||
github.com/aws/aws-sdk-go v1.44.295 h1:SGjU1+MqttXfRiWHD6WU0DRhaanJgAFY+xIhEaugV8Y=
|
||||
github.com/aws/aws-sdk-go v1.44.295/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
|
||||
github.com/aws/aws-sdk-go v1.44.298 h1:5qTxdubgV7PptZJmp/2qDwD2JL187ePL7VOxsSh1i3g=
|
||||
github.com/aws/aws-sdk-go v1.44.298/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
|
||||
github.com/aws/aws-sdk-go-v2 v1.18.1 h1:+tefE750oAb7ZQGzla6bLkOwfcQCEtC5y2RqoqCeqKo=
|
||||
github.com/aws/aws-sdk-go-v2 v1.18.1/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.34 h1:A5UqQEmPaCFpedKouS4v+dHCTUo2sKqhoKO9U5kxyWo=
|
||||
|
50
vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go
generated
vendored
Normal file
50
vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go
generated
vendored
Normal file
@ -0,0 +1,50 @@
|
||||
package bearer
|
||||
|
||||
import (
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"time"
|
||||
)
|
||||
|
||||
// Token provides a type wrapping a bearer token and expiration metadata.
|
||||
type Token struct {
|
||||
Value string
|
||||
|
||||
CanExpire bool
|
||||
Expires time.Time
|
||||
}
|
||||
|
||||
// Expired returns if the token's Expires time is before or equal to the time
|
||||
// provided. If CanExpire is false, Expired will always return false.
|
||||
func (t Token) Expired(now time.Time) bool {
|
||||
if !t.CanExpire {
|
||||
return false
|
||||
}
|
||||
now = now.Round(0)
|
||||
return now.Equal(t.Expires) || now.After(t.Expires)
|
||||
}
|
||||
|
||||
// TokenProvider provides interface for retrieving bearer tokens.
|
||||
type TokenProvider interface {
|
||||
RetrieveBearerToken(aws.Context) (Token, error)
|
||||
}
|
||||
|
||||
// TokenProviderFunc provides a helper utility to wrap a function as a type
|
||||
// that implements the TokenProvider interface.
|
||||
type TokenProviderFunc func(aws.Context) (Token, error)
|
||||
|
||||
// RetrieveBearerToken calls the wrapped function, returning the Token or
|
||||
// error.
|
||||
func (fn TokenProviderFunc) RetrieveBearerToken(ctx aws.Context) (Token, error) {
|
||||
return fn(ctx)
|
||||
}
|
||||
|
||||
// StaticTokenProvider provides a utility for wrapping a static bearer token
|
||||
// value within an implementation of a token provider.
|
||||
type StaticTokenProvider struct {
|
||||
Token Token
|
||||
}
|
||||
|
||||
// RetrieveBearerToken returns the static token specified.
|
||||
func (s StaticTokenProvider) RetrieveBearerToken(aws.Context) (Token, error) {
|
||||
return s.Token, nil
|
||||
}
|
71
vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go
generated
vendored
71
vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go
generated
vendored
@ -4,13 +4,13 @@ import (
|
||||
"crypto/sha1"
|
||||
"encoding/hex"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/auth/bearer"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/client"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
@ -55,6 +55,19 @@ type Provider struct {
|
||||
|
||||
// The URL that points to the organization's AWS Single Sign-On (AWS SSO) user portal.
|
||||
StartURL string
|
||||
|
||||
// The filepath the cached token will be retrieved from. If unset Provider will
|
||||
// use the startURL to determine the filepath at.
|
||||
//
|
||||
// ~/.aws/sso/cache/<sha1-hex-encoded-startURL>.json
|
||||
//
|
||||
// If custom cached token filepath is used, the Provider's startUrl
|
||||
// parameter will be ignored.
|
||||
CachedTokenFilepath string
|
||||
|
||||
// Used by the SSOCredentialProvider if a token configuration
|
||||
// profile is used in the shared config
|
||||
TokenProvider bearer.TokenProvider
|
||||
}
|
||||
|
||||
// NewCredentials returns a new AWS Single Sign-On (AWS SSO) credential provider. The ConfigProvider is expected to be configured
|
||||
@ -89,13 +102,31 @@ func (p *Provider) Retrieve() (credentials.Value, error) {
|
||||
// RetrieveWithContext retrieves temporary AWS credentials from the configured Amazon Single Sign-On (AWS SSO) user portal
|
||||
// by exchanging the accessToken present in ~/.aws/sso/cache.
|
||||
func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) {
|
||||
tokenFile, err := loadTokenFile(p.StartURL)
|
||||
var accessToken *string
|
||||
if p.TokenProvider != nil {
|
||||
token, err := p.TokenProvider.RetrieveBearerToken(ctx)
|
||||
if err != nil {
|
||||
return credentials.Value{}, err
|
||||
}
|
||||
accessToken = &token.Value
|
||||
} else {
|
||||
if p.CachedTokenFilepath == "" {
|
||||
cachedTokenFilePath, err := getCachedFilePath(p.StartURL)
|
||||
if err != nil {
|
||||
return credentials.Value{}, err
|
||||
}
|
||||
p.CachedTokenFilepath = cachedTokenFilePath
|
||||
}
|
||||
|
||||
tokenFile, err := loadTokenFile(p.CachedTokenFilepath)
|
||||
if err != nil {
|
||||
return credentials.Value{}, err
|
||||
}
|
||||
accessToken = &tokenFile.AccessToken
|
||||
}
|
||||
|
||||
output, err := p.Client.GetRoleCredentialsWithContext(ctx, &sso.GetRoleCredentialsInput{
|
||||
AccessToken: &tokenFile.AccessToken,
|
||||
AccessToken: accessToken,
|
||||
AccountId: &p.AccountID,
|
||||
RoleName: &p.RoleName,
|
||||
})
|
||||
@ -114,32 +145,13 @@ func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Val
|
||||
}, nil
|
||||
}
|
||||
|
||||
func getCacheFileName(url string) (string, error) {
|
||||
func getCachedFilePath(startUrl string) (string, error) {
|
||||
hash := sha1.New()
|
||||
_, err := hash.Write([]byte(url))
|
||||
_, err := hash.Write([]byte(startUrl))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return strings.ToLower(hex.EncodeToString(hash.Sum(nil))) + ".json", nil
|
||||
}
|
||||
|
||||
type rfc3339 time.Time
|
||||
|
||||
func (r *rfc3339) UnmarshalJSON(bytes []byte) error {
|
||||
var value string
|
||||
|
||||
if err := json.Unmarshal(bytes, &value); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
parse, err := time.Parse(time.RFC3339, value)
|
||||
if err != nil {
|
||||
return fmt.Errorf("expected RFC3339 timestamp: %v", err)
|
||||
}
|
||||
|
||||
*r = rfc3339(parse)
|
||||
|
||||
return nil
|
||||
return filepath.Join(defaultCacheLocation(), strings.ToLower(hex.EncodeToString(hash.Sum(nil)))+".json"), nil
|
||||
}
|
||||
|
||||
type token struct {
|
||||
@ -153,13 +165,8 @@ func (t token) Expired() bool {
|
||||
return nowTime().Round(0).After(time.Time(t.ExpiresAt))
|
||||
}
|
||||
|
||||
func loadTokenFile(startURL string) (t token, err error) {
|
||||
key, err := getCacheFileName(startURL)
|
||||
if err != nil {
|
||||
return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err)
|
||||
}
|
||||
|
||||
fileBytes, err := ioutil.ReadFile(filepath.Join(defaultCacheLocation(), key))
|
||||
func loadTokenFile(cachedTokenPath string) (t token, err error) {
|
||||
fileBytes, err := ioutil.ReadFile(cachedTokenPath)
|
||||
if err != nil {
|
||||
return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err)
|
||||
}
|
||||
|
237
vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go
generated
vendored
Normal file
237
vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go
generated
vendored
Normal file
@ -0,0 +1,237 @@
|
||||
package ssocreds
|
||||
|
||||
import (
|
||||
"crypto/sha1"
|
||||
"encoding/hex"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"github.com/aws/aws-sdk-go/internal/shareddefaults"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
var resolvedOsUserHomeDir = shareddefaults.UserHomeDir
|
||||
|
||||
// StandardCachedTokenFilepath returns the filepath for the cached SSO token file, or
|
||||
// error if unable get derive the path. Key that will be used to compute a SHA1
|
||||
// value that is hex encoded.
|
||||
//
|
||||
// Derives the filepath using the Key as:
|
||||
//
|
||||
// ~/.aws/sso/cache/<sha1-hex-encoded-key>.json
|
||||
func StandardCachedTokenFilepath(key string) (string, error) {
|
||||
homeDir := resolvedOsUserHomeDir()
|
||||
if len(homeDir) == 0 {
|
||||
return "", fmt.Errorf("unable to get USER's home directory for cached token")
|
||||
}
|
||||
hash := sha1.New()
|
||||
if _, err := hash.Write([]byte(key)); err != nil {
|
||||
return "", fmt.Errorf("unable to compute cached token filepath key SHA1 hash, %v", err)
|
||||
}
|
||||
|
||||
cacheFilename := strings.ToLower(hex.EncodeToString(hash.Sum(nil))) + ".json"
|
||||
|
||||
return filepath.Join(homeDir, ".aws", "sso", "cache", cacheFilename), nil
|
||||
}
|
||||
|
||||
type tokenKnownFields struct {
|
||||
AccessToken string `json:"accessToken,omitempty"`
|
||||
ExpiresAt *rfc3339 `json:"expiresAt,omitempty"`
|
||||
|
||||
RefreshToken string `json:"refreshToken,omitempty"`
|
||||
ClientID string `json:"clientId,omitempty"`
|
||||
ClientSecret string `json:"clientSecret,omitempty"`
|
||||
}
|
||||
|
||||
type cachedToken struct {
|
||||
tokenKnownFields
|
||||
UnknownFields map[string]interface{} `json:"-"`
|
||||
}
|
||||
|
||||
// MarshalJSON provides custom marshalling because the standard library Go marshaller ignores unknown/unspecified fields
|
||||
// when marshalling from a struct: https://pkg.go.dev/encoding/json#Marshal
|
||||
// This function adds some extra validation to the known fields and captures unknown fields.
|
||||
func (t cachedToken) MarshalJSON() ([]byte, error) {
|
||||
fields := map[string]interface{}{}
|
||||
|
||||
setTokenFieldString(fields, "accessToken", t.AccessToken)
|
||||
setTokenFieldRFC3339(fields, "expiresAt", t.ExpiresAt)
|
||||
|
||||
setTokenFieldString(fields, "refreshToken", t.RefreshToken)
|
||||
setTokenFieldString(fields, "clientId", t.ClientID)
|
||||
setTokenFieldString(fields, "clientSecret", t.ClientSecret)
|
||||
|
||||
for k, v := range t.UnknownFields {
|
||||
if _, ok := fields[k]; ok {
|
||||
return nil, fmt.Errorf("unknown token field %v, duplicates known field", k)
|
||||
}
|
||||
fields[k] = v
|
||||
}
|
||||
|
||||
return json.Marshal(fields)
|
||||
}
|
||||
|
||||
func setTokenFieldString(fields map[string]interface{}, key, value string) {
|
||||
if value == "" {
|
||||
return
|
||||
}
|
||||
fields[key] = value
|
||||
}
|
||||
func setTokenFieldRFC3339(fields map[string]interface{}, key string, value *rfc3339) {
|
||||
if value == nil {
|
||||
return
|
||||
}
|
||||
fields[key] = value
|
||||
}
|
||||
|
||||
// UnmarshalJSON provides custom unmarshalling because the standard library Go unmarshaller ignores unknown/unspecified
|
||||
// fields when unmarshalling from a struct: https://pkg.go.dev/encoding/json#Unmarshal
|
||||
// This function adds some extra validation to the known fields and captures unknown fields.
|
||||
func (t *cachedToken) UnmarshalJSON(b []byte) error {
|
||||
var fields map[string]interface{}
|
||||
if err := json.Unmarshal(b, &fields); err != nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
t.UnknownFields = map[string]interface{}{}
|
||||
|
||||
for k, v := range fields {
|
||||
var err error
|
||||
switch k {
|
||||
case "accessToken":
|
||||
err = getTokenFieldString(v, &t.AccessToken)
|
||||
case "expiresAt":
|
||||
err = getTokenFieldRFC3339(v, &t.ExpiresAt)
|
||||
case "refreshToken":
|
||||
err = getTokenFieldString(v, &t.RefreshToken)
|
||||
case "clientId":
|
||||
err = getTokenFieldString(v, &t.ClientID)
|
||||
case "clientSecret":
|
||||
err = getTokenFieldString(v, &t.ClientSecret)
|
||||
default:
|
||||
t.UnknownFields[k] = v
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("field %q, %v", k, err)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func getTokenFieldString(v interface{}, value *string) error {
|
||||
var ok bool
|
||||
*value, ok = v.(string)
|
||||
if !ok {
|
||||
return fmt.Errorf("expect value to be string, got %T", v)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func getTokenFieldRFC3339(v interface{}, value **rfc3339) error {
|
||||
var stringValue string
|
||||
if err := getTokenFieldString(v, &stringValue); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
timeValue, err := parseRFC3339(stringValue)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
*value = &timeValue
|
||||
return nil
|
||||
}
|
||||
|
||||
func loadCachedToken(filename string) (cachedToken, error) {
|
||||
fileBytes, err := ioutil.ReadFile(filename)
|
||||
if err != nil {
|
||||
return cachedToken{}, fmt.Errorf("failed to read cached SSO token file, %v", err)
|
||||
}
|
||||
|
||||
var t cachedToken
|
||||
if err := json.Unmarshal(fileBytes, &t); err != nil {
|
||||
return cachedToken{}, fmt.Errorf("failed to parse cached SSO token file, %v", err)
|
||||
}
|
||||
|
||||
if len(t.AccessToken) == 0 || t.ExpiresAt == nil || time.Time(*t.ExpiresAt).IsZero() {
|
||||
return cachedToken{}, fmt.Errorf(
|
||||
"cached SSO token must contain accessToken and expiresAt fields")
|
||||
}
|
||||
|
||||
return t, nil
|
||||
}
|
||||
|
||||
func storeCachedToken(filename string, t cachedToken, fileMode os.FileMode) (err error) {
|
||||
tmpFilename := filename + ".tmp-" + strconv.FormatInt(nowTime().UnixNano(), 10)
|
||||
if err := writeCacheFile(tmpFilename, fileMode, t); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if err := os.Rename(tmpFilename, filename); err != nil {
|
||||
return fmt.Errorf("failed to replace old cached SSO token file, %v", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func writeCacheFile(filename string, fileMode os.FileMode, t cachedToken) (err error) {
|
||||
var f *os.File
|
||||
f, err = os.OpenFile(filename, os.O_CREATE|os.O_TRUNC|os.O_RDWR, fileMode)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create cached SSO token file %v", err)
|
||||
}
|
||||
|
||||
defer func() {
|
||||
closeErr := f.Close()
|
||||
if err == nil && closeErr != nil {
|
||||
err = fmt.Errorf("failed to close cached SSO token file, %v", closeErr)
|
||||
}
|
||||
}()
|
||||
|
||||
encoder := json.NewEncoder(f)
|
||||
|
||||
if err = encoder.Encode(t); err != nil {
|
||||
return fmt.Errorf("failed to serialize cached SSO token, %v", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
type rfc3339 time.Time
|
||||
|
||||
// UnmarshalJSON decode rfc3339 from JSON format
|
||||
func (r *rfc3339) UnmarshalJSON(bytes []byte) error {
|
||||
var value string
|
||||
var err error
|
||||
|
||||
if err = json.Unmarshal(bytes, &value); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
*r, err = parseRFC3339(value)
|
||||
return err
|
||||
}
|
||||
|
||||
func parseRFC3339(v string) (rfc3339, error) {
|
||||
parsed, err := time.Parse(time.RFC3339, v)
|
||||
if err != nil {
|
||||
return rfc3339{}, fmt.Errorf("expected RFC3339 timestamp: %v", err)
|
||||
}
|
||||
|
||||
return rfc3339(parsed), nil
|
||||
}
|
||||
|
||||
// MarshalJSON encode rfc3339 to JSON format time
|
||||
func (r *rfc3339) MarshalJSON() ([]byte, error) {
|
||||
value := time.Time(*r).Format(time.RFC3339)
|
||||
|
||||
// Use JSON unmarshal to unescape the quoted value making use of JSON's
|
||||
// quoting rules.
|
||||
return json.Marshal(value)
|
||||
}
|
139
vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go
generated
vendored
Normal file
139
vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go
generated
vendored
Normal file
@ -0,0 +1,139 @@
|
||||
package ssocreds
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/auth/bearer"
|
||||
"github.com/aws/aws-sdk-go/service/ssooidc"
|
||||
)
|
||||
|
||||
// CreateTokenAPIClient provides the interface for the SSOTokenProvider's API
|
||||
// client for calling CreateToken operation to refresh the SSO token.
|
||||
type CreateTokenAPIClient interface {
|
||||
CreateToken(input *ssooidc.CreateTokenInput) (*ssooidc.CreateTokenOutput, error)
|
||||
}
|
||||
|
||||
// SSOTokenProviderOptions provides the options for configuring the
|
||||
// SSOTokenProvider.
|
||||
type SSOTokenProviderOptions struct {
|
||||
// Client that can be overridden
|
||||
Client CreateTokenAPIClient
|
||||
|
||||
// The path the file containing the cached SSO token will be read from.
|
||||
// Initialized the NewSSOTokenProvider's cachedTokenFilepath parameter.
|
||||
CachedTokenFilepath string
|
||||
}
|
||||
|
||||
// SSOTokenProvider provides a utility for refreshing SSO AccessTokens for
|
||||
// Bearer Authentication. The SSOTokenProvider can only be used to refresh
|
||||
// already cached SSO Tokens. This utility cannot perform the initial SSO
|
||||
// create token.
|
||||
//
|
||||
// The initial SSO create token should be preformed with the AWS CLI before the
|
||||
// Go application using the SSOTokenProvider will need to retrieve the SSO
|
||||
// token. If the AWS CLI has not created the token cache file, this provider
|
||||
// will return an error when attempting to retrieve the cached token.
|
||||
//
|
||||
// This provider will attempt to refresh the cached SSO token periodically if
|
||||
// needed when RetrieveBearerToken is called.
|
||||
//
|
||||
// A utility such as the AWS CLI must be used to initially create the SSO
|
||||
// session and cached token file.
|
||||
// https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html
|
||||
type SSOTokenProvider struct {
|
||||
options SSOTokenProviderOptions
|
||||
}
|
||||
|
||||
// NewSSOTokenProvider returns an initialized SSOTokenProvider that will
|
||||
// periodically refresh the SSO token cached stored in the cachedTokenFilepath.
|
||||
// The cachedTokenFilepath file's content will be rewritten by the token
|
||||
// provider when the token is refreshed.
|
||||
//
|
||||
// The client must be configured for the AWS region the SSO token was created for.
|
||||
func NewSSOTokenProvider(client CreateTokenAPIClient, cachedTokenFilepath string, optFns ...func(o *SSOTokenProviderOptions)) *SSOTokenProvider {
|
||||
options := SSOTokenProviderOptions{
|
||||
Client: client,
|
||||
CachedTokenFilepath: cachedTokenFilepath,
|
||||
}
|
||||
for _, fn := range optFns {
|
||||
fn(&options)
|
||||
}
|
||||
|
||||
provider := &SSOTokenProvider{
|
||||
options: options,
|
||||
}
|
||||
|
||||
return provider
|
||||
}
|
||||
|
||||
// RetrieveBearerToken returns the SSO token stored in the cachedTokenFilepath
|
||||
// the SSOTokenProvider was created with. If the token has expired
|
||||
// RetrieveBearerToken will attempt to refresh it. If the token cannot be
|
||||
// refreshed or is not present an error will be returned.
|
||||
//
|
||||
// A utility such as the AWS CLI must be used to initially create the SSO
|
||||
// session and cached token file. https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html
|
||||
func (p *SSOTokenProvider) RetrieveBearerToken(ctx aws.Context) (bearer.Token, error) {
|
||||
cachedToken, err := loadCachedToken(p.options.CachedTokenFilepath)
|
||||
if err != nil {
|
||||
return bearer.Token{}, err
|
||||
}
|
||||
|
||||
if cachedToken.ExpiresAt != nil && nowTime().After(time.Time(*cachedToken.ExpiresAt)) {
|
||||
cachedToken, err = p.refreshToken(cachedToken)
|
||||
if err != nil {
|
||||
return bearer.Token{}, fmt.Errorf("refresh cached SSO token failed, %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
expiresAt := toTime((*time.Time)(cachedToken.ExpiresAt))
|
||||
return bearer.Token{
|
||||
Value: cachedToken.AccessToken,
|
||||
CanExpire: !expiresAt.IsZero(),
|
||||
Expires: expiresAt,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (p *SSOTokenProvider) refreshToken(token cachedToken) (cachedToken, error) {
|
||||
if token.ClientSecret == "" || token.ClientID == "" || token.RefreshToken == "" {
|
||||
return cachedToken{}, fmt.Errorf("cached SSO token is expired, or not present, and cannot be refreshed")
|
||||
}
|
||||
|
||||
createResult, err := p.options.Client.CreateToken(&ssooidc.CreateTokenInput{
|
||||
ClientId: &token.ClientID,
|
||||
ClientSecret: &token.ClientSecret,
|
||||
RefreshToken: &token.RefreshToken,
|
||||
GrantType: aws.String("refresh_token"),
|
||||
})
|
||||
if err != nil {
|
||||
return cachedToken{}, fmt.Errorf("unable to refresh SSO token, %v", err)
|
||||
}
|
||||
|
||||
expiresAt := nowTime().Add(time.Duration(*createResult.ExpiresIn) * time.Second)
|
||||
|
||||
token.AccessToken = *createResult.AccessToken
|
||||
token.ExpiresAt = (*rfc3339)(&expiresAt)
|
||||
token.RefreshToken = *createResult.RefreshToken
|
||||
|
||||
fileInfo, err := os.Stat(p.options.CachedTokenFilepath)
|
||||
if err != nil {
|
||||
return cachedToken{}, fmt.Errorf("failed to stat cached SSO token file %v", err)
|
||||
}
|
||||
|
||||
if err = storeCachedToken(p.options.CachedTokenFilepath, token, fileInfo.Mode()); err != nil {
|
||||
return cachedToken{}, fmt.Errorf("unable to cache refreshed SSO token, %v", err)
|
||||
}
|
||||
|
||||
return token, nil
|
||||
}
|
||||
|
||||
func toTime(p *time.Time) (v time.Time) {
|
||||
if p == nil {
|
||||
return v
|
||||
}
|
||||
|
||||
return *p
|
||||
}
|
18
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
generated
vendored
18
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
generated
vendored
@ -17557,6 +17557,9 @@ var awsPartition = partition{
|
||||
},
|
||||
"mediaconnect": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
Region: "af-south-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ap-east-1",
|
||||
}: endpoint{},
|
||||
@ -17575,6 +17578,9 @@ var awsPartition = partition{
|
||||
endpointKey{
|
||||
Region: "ap-southeast-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ca-central-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "eu-central-1",
|
||||
}: endpoint{},
|
||||
@ -19133,6 +19139,9 @@ var awsPartition = partition{
|
||||
endpointKey{
|
||||
Region: "ap-south-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ap-south-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ap-southeast-1",
|
||||
}: endpoint{},
|
||||
@ -19142,6 +19151,9 @@ var awsPartition = partition{
|
||||
endpointKey{
|
||||
Region: "ap-southeast-3",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ap-southeast-4",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ca-central-1",
|
||||
}: endpoint{},
|
||||
@ -19154,12 +19166,18 @@ var awsPartition = partition{
|
||||
endpointKey{
|
||||
Region: "eu-central-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "eu-central-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "eu-north-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "eu-south-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "eu-south-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "eu-west-1",
|
||||
}: endpoint{},
|
||||
|
31
vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go
generated
vendored
31
vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go
generated
vendored
@ -14,6 +14,7 @@ import (
|
||||
"github.com/aws/aws-sdk-go/aws/defaults"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/internal/shareddefaults"
|
||||
"github.com/aws/aws-sdk-go/service/ssooidc"
|
||||
"github.com/aws/aws-sdk-go/service/sts"
|
||||
)
|
||||
|
||||
@ -23,6 +24,10 @@ type CredentialsProviderOptions struct {
|
||||
// WebIdentityRoleProviderOptions configures a WebIdentityRoleProvider,
|
||||
// such as setting its ExpiryWindow.
|
||||
WebIdentityRoleProviderOptions func(*stscreds.WebIdentityRoleProvider)
|
||||
|
||||
// ProcessProviderOptions configures a ProcessProvider,
|
||||
// such as setting its Timeout.
|
||||
ProcessProviderOptions func(*processcreds.ProcessProvider)
|
||||
}
|
||||
|
||||
func resolveCredentials(cfg *aws.Config,
|
||||
@ -33,7 +38,7 @@ func resolveCredentials(cfg *aws.Config,
|
||||
|
||||
switch {
|
||||
case len(sessOpts.Profile) != 0:
|
||||
// User explicitly provided an Profile in the session's configuration
|
||||
// User explicitly provided a Profile in the session's configuration
|
||||
// so load that profile from shared config first.
|
||||
// Github(aws/aws-sdk-go#2727)
|
||||
return resolveCredsFromProfile(cfg, envCfg, sharedCfg, handlers, sessOpts)
|
||||
@ -134,7 +139,11 @@ func resolveCredsFromProfile(cfg *aws.Config,
|
||||
|
||||
case len(sharedCfg.CredentialProcess) != 0:
|
||||
// Get credentials from CredentialProcess
|
||||
creds = processcreds.NewCredentials(sharedCfg.CredentialProcess)
|
||||
var optFns []func(*processcreds.ProcessProvider)
|
||||
if sessOpts.CredentialsProviderOptions != nil && sessOpts.CredentialsProviderOptions.ProcessProviderOptions != nil {
|
||||
optFns = append(optFns, sessOpts.CredentialsProviderOptions.ProcessProviderOptions)
|
||||
}
|
||||
creds = processcreds.NewCredentials(sharedCfg.CredentialProcess, optFns...)
|
||||
|
||||
default:
|
||||
// Fallback to default credentials provider, include mock errors for
|
||||
@ -173,8 +182,25 @@ func resolveSSOCredentials(cfg *aws.Config, sharedCfg sharedConfig, handlers req
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var optFns []func(provider *ssocreds.Provider)
|
||||
cfgCopy := cfg.Copy()
|
||||
|
||||
if sharedCfg.SSOSession != nil {
|
||||
cfgCopy.Region = &sharedCfg.SSOSession.SSORegion
|
||||
cachedPath, err := ssocreds.StandardCachedTokenFilepath(sharedCfg.SSOSession.Name)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
mySession := Must(NewSession())
|
||||
oidcClient := ssooidc.New(mySession, cfgCopy)
|
||||
tokenProvider := ssocreds.NewSSOTokenProvider(oidcClient, cachedPath)
|
||||
optFns = append(optFns, func(p *ssocreds.Provider) {
|
||||
p.TokenProvider = tokenProvider
|
||||
p.CachedTokenFilepath = cachedPath
|
||||
})
|
||||
} else {
|
||||
cfgCopy.Region = &sharedCfg.SSORegion
|
||||
}
|
||||
|
||||
return ssocreds.NewCredentials(
|
||||
&Session{
|
||||
@ -184,6 +210,7 @@ func resolveSSOCredentials(cfg *aws.Config, sharedCfg sharedConfig, handlers req
|
||||
sharedCfg.SSOAccountID,
|
||||
sharedCfg.SSORoleName,
|
||||
sharedCfg.SSOStartURL,
|
||||
optFns...,
|
||||
), nil
|
||||
}
|
||||
|
||||
|
2
vendor/github.com/aws/aws-sdk-go/aws/session/session.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go/aws/session/session.go
generated
vendored
@ -37,7 +37,7 @@ const (
|
||||
|
||||
// ErrSharedConfigSourceCollision will be returned if a section contains both
|
||||
// source_profile and credential_source
|
||||
var ErrSharedConfigSourceCollision = awserr.New(ErrCodeSharedConfig, "only one credential type may be specified per profile: source profile, credential source, credential process, web identity token, or sso", nil)
|
||||
var ErrSharedConfigSourceCollision = awserr.New(ErrCodeSharedConfig, "only one credential type may be specified per profile: source profile, credential source, credential process, web identity token", nil)
|
||||
|
||||
// ErrSharedConfigECSContainerEnvVarEmpty will be returned if the environment
|
||||
// variables are empty and Environment was set as the credential source
|
||||
|
166
vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go
generated
vendored
166
vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go
generated
vendored
@ -26,6 +26,13 @@ const (
|
||||
roleSessionNameKey = `role_session_name` // optional
|
||||
roleDurationSecondsKey = "duration_seconds" // optional
|
||||
|
||||
// Prefix to be used for SSO sections. These are supposed to only exist in
|
||||
// the shared config file, not the credentials file.
|
||||
ssoSectionPrefix = `sso-session `
|
||||
|
||||
// AWS Single Sign-On (AWS SSO) group
|
||||
ssoSessionNameKey = "sso_session"
|
||||
|
||||
// AWS Single Sign-On (AWS SSO) group
|
||||
ssoAccountIDKey = "sso_account_id"
|
||||
ssoRegionKey = "sso_region"
|
||||
@ -99,6 +106,10 @@ type sharedConfig struct {
|
||||
CredentialProcess string
|
||||
WebIdentityTokenFile string
|
||||
|
||||
// SSO session options
|
||||
SSOSessionName string
|
||||
SSOSession *ssoSession
|
||||
|
||||
SSOAccountID string
|
||||
SSORegion string
|
||||
SSORoleName string
|
||||
@ -186,6 +197,20 @@ type sharedConfigFile struct {
|
||||
IniData ini.Sections
|
||||
}
|
||||
|
||||
// SSOSession provides the shared configuration parameters of the sso-session
|
||||
// section.
|
||||
type ssoSession struct {
|
||||
Name string
|
||||
SSORegion string
|
||||
SSOStartURL string
|
||||
}
|
||||
|
||||
func (s *ssoSession) setFromIniSection(section ini.Section) {
|
||||
updateString(&s.Name, section, ssoSessionNameKey)
|
||||
updateString(&s.SSORegion, section, ssoRegionKey)
|
||||
updateString(&s.SSOStartURL, section, ssoStartURL)
|
||||
}
|
||||
|
||||
// loadSharedConfig retrieves the configuration from the list of files using
|
||||
// the profile provided. The order the files are listed will determine
|
||||
// precedence. Values in subsequent files will overwrite values defined in
|
||||
@ -266,13 +291,13 @@ func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile s
|
||||
// profile only have credential provider options.
|
||||
cfg.clearAssumeRoleOptions()
|
||||
} else {
|
||||
// First time a profile has been seen, It must either be a assume role
|
||||
// credentials, or SSO. Assert if the credential type requires a role ARN,
|
||||
// the ARN is also set, or validate that the SSO configuration is complete.
|
||||
// First time a profile has been seen. Assert if the credential type
|
||||
// requires a role ARN, the ARN is also set
|
||||
if err := cfg.validateCredentialsConfig(profile); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
profiles[profile] = struct{}{}
|
||||
|
||||
if err := cfg.validateCredentialType(); err != nil {
|
||||
@ -308,6 +333,30 @@ func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile s
|
||||
cfg.SourceProfile = srcCfg
|
||||
}
|
||||
|
||||
// If the profile contains an SSO session parameter, the session MUST exist
|
||||
// as a section in the config file. Load the SSO session using the name
|
||||
// provided. If the session section is not found or incomplete an error
|
||||
// will be returned.
|
||||
if cfg.hasSSOTokenProviderConfiguration() {
|
||||
skippedFiles = 0
|
||||
for _, f := range files {
|
||||
section, ok := f.IniData.GetSection(fmt.Sprintf(ssoSectionPrefix + strings.TrimSpace(cfg.SSOSessionName)))
|
||||
if ok {
|
||||
var ssoSession ssoSession
|
||||
ssoSession.setFromIniSection(section)
|
||||
ssoSession.Name = cfg.SSOSessionName
|
||||
cfg.SSOSession = &ssoSession
|
||||
break
|
||||
}
|
||||
skippedFiles++
|
||||
}
|
||||
if skippedFiles == len(files) {
|
||||
// If all files were skipped because the sso session section is not found, return
|
||||
// the sso section not found error.
|
||||
return fmt.Errorf("failed to find SSO session section, %v", cfg.SSOSessionName)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
@ -363,6 +412,10 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e
|
||||
cfg.S3UsEast1RegionalEndpoint = sre
|
||||
}
|
||||
|
||||
// AWS Single Sign-On (AWS SSO)
|
||||
// SSO session options
|
||||
updateString(&cfg.SSOSessionName, section, ssoSessionNameKey)
|
||||
|
||||
// AWS Single Sign-On (AWS SSO)
|
||||
updateString(&cfg.SSOAccountID, section, ssoAccountIDKey)
|
||||
updateString(&cfg.SSORegion, section, ssoRegionKey)
|
||||
@ -461,32 +514,20 @@ func (cfg *sharedConfig) validateCredentialType() error {
|
||||
}
|
||||
|
||||
func (cfg *sharedConfig) validateSSOConfiguration() error {
|
||||
if !cfg.hasSSOConfiguration() {
|
||||
if cfg.hasSSOTokenProviderConfiguration() {
|
||||
err := cfg.validateSSOTokenProviderConfiguration()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
var missing []string
|
||||
if len(cfg.SSOAccountID) == 0 {
|
||||
missing = append(missing, ssoAccountIDKey)
|
||||
if cfg.hasLegacySSOConfiguration() {
|
||||
err := cfg.validateLegacySSOConfiguration()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if len(cfg.SSORegion) == 0 {
|
||||
missing = append(missing, ssoRegionKey)
|
||||
}
|
||||
|
||||
if len(cfg.SSORoleName) == 0 {
|
||||
missing = append(missing, ssoRoleNameKey)
|
||||
}
|
||||
|
||||
if len(cfg.SSOStartURL) == 0 {
|
||||
missing = append(missing, ssoStartURL)
|
||||
}
|
||||
|
||||
if len(missing) > 0 {
|
||||
return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s",
|
||||
cfg.Profile, strings.Join(missing, ", "))
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
@ -525,15 +566,76 @@ func (cfg *sharedConfig) clearAssumeRoleOptions() {
|
||||
}
|
||||
|
||||
func (cfg *sharedConfig) hasSSOConfiguration() bool {
|
||||
switch {
|
||||
case len(cfg.SSOAccountID) != 0:
|
||||
case len(cfg.SSORegion) != 0:
|
||||
case len(cfg.SSORoleName) != 0:
|
||||
case len(cfg.SSOStartURL) != 0:
|
||||
default:
|
||||
return false
|
||||
return cfg.hasSSOTokenProviderConfiguration() || cfg.hasLegacySSOConfiguration()
|
||||
}
|
||||
return true
|
||||
|
||||
func (c *sharedConfig) hasSSOTokenProviderConfiguration() bool {
|
||||
return len(c.SSOSessionName) > 0
|
||||
}
|
||||
|
||||
func (c *sharedConfig) hasLegacySSOConfiguration() bool {
|
||||
return len(c.SSORegion) > 0 || len(c.SSOAccountID) > 0 || len(c.SSOStartURL) > 0 || len(c.SSORoleName) > 0
|
||||
}
|
||||
|
||||
func (c *sharedConfig) validateSSOTokenProviderConfiguration() error {
|
||||
var missing []string
|
||||
|
||||
if len(c.SSOSessionName) == 0 {
|
||||
missing = append(missing, ssoSessionNameKey)
|
||||
}
|
||||
|
||||
if c.SSOSession == nil {
|
||||
missing = append(missing, ssoSectionPrefix)
|
||||
} else {
|
||||
if len(c.SSOSession.SSORegion) == 0 {
|
||||
missing = append(missing, ssoRegionKey)
|
||||
}
|
||||
|
||||
if len(c.SSOSession.SSOStartURL) == 0 {
|
||||
missing = append(missing, ssoStartURL)
|
||||
}
|
||||
}
|
||||
|
||||
if len(missing) > 0 {
|
||||
return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s",
|
||||
c.Profile, strings.Join(missing, ", "))
|
||||
}
|
||||
|
||||
if len(c.SSORegion) > 0 && c.SSORegion != c.SSOSession.SSORegion {
|
||||
return fmt.Errorf("%s in profile %q must match %s in %s", ssoRegionKey, c.Profile, ssoRegionKey, ssoSectionPrefix)
|
||||
}
|
||||
|
||||
if len(c.SSOStartURL) > 0 && c.SSOStartURL != c.SSOSession.SSOStartURL {
|
||||
return fmt.Errorf("%s in profile %q must match %s in %s", ssoStartURL, c.Profile, ssoStartURL, ssoSectionPrefix)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *sharedConfig) validateLegacySSOConfiguration() error {
|
||||
var missing []string
|
||||
|
||||
if len(c.SSORegion) == 0 {
|
||||
missing = append(missing, ssoRegionKey)
|
||||
}
|
||||
|
||||
if len(c.SSOStartURL) == 0 {
|
||||
missing = append(missing, ssoStartURL)
|
||||
}
|
||||
|
||||
if len(c.SSOAccountID) == 0 {
|
||||
missing = append(missing, ssoAccountIDKey)
|
||||
}
|
||||
|
||||
if len(c.SSORoleName) == 0 {
|
||||
missing = append(missing, ssoRoleNameKey)
|
||||
}
|
||||
|
||||
if len(missing) > 0 {
|
||||
return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s",
|
||||
c.Profile, strings.Join(missing, ", "))
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func oneOrNone(bs ...bool) bool {
|
||||
|
2
vendor/github.com/aws/aws-sdk-go/aws/version.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go/aws/version.go
generated
vendored
@ -5,4 +5,4 @@ package aws
|
||||
const SDKName = "aws-sdk-go"
|
||||
|
||||
// SDKVersion is the version of this SDK
|
||||
const SDKVersion = "1.44.295"
|
||||
const SDKVersion = "1.44.298"
|
||||
|
295
vendor/github.com/aws/aws-sdk-go/service/kms/api.go
generated
vendored
295
vendor/github.com/aws/aws-sdk-go/service/kms/api.go
generated
vendored
@ -974,6 +974,9 @@ func (c *KMS) CreateGrantRequest(input *CreateGrantInput) (req *request.Request,
|
||||
// exception represents a general failure with many possible causes. To identify
|
||||
// the cause, see the error message that accompanies the exception.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CreateGrant
|
||||
func (c *KMS) CreateGrant(input *CreateGrantInput) (*CreateGrantOutput, error) {
|
||||
req, out := c.CreateGrantRequest(input)
|
||||
@ -1563,6 +1566,9 @@ func (c *KMS) DecryptRequest(input *DecryptInput) (req *request.Request, output
|
||||
// exception represents a general failure with many possible causes. To identify
|
||||
// the cause, see the error message that accompanies the exception.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Decrypt
|
||||
func (c *KMS) Decrypt(input *DecryptInput) (*DecryptOutput, error) {
|
||||
req, out := c.DecryptRequest(input)
|
||||
@ -3278,6 +3284,9 @@ func (c *KMS) EncryptRequest(input *EncryptInput) (req *request.Request, output
|
||||
// exception represents a general failure with many possible causes. To identify
|
||||
// the cause, see the error message that accompanies the exception.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Encrypt
|
||||
func (c *KMS) Encrypt(input *EncryptInput) (*EncryptOutput, error) {
|
||||
req, out := c.EncryptRequest(input)
|
||||
@ -3500,6 +3509,9 @@ func (c *KMS) GenerateDataKeyRequest(input *GenerateDataKeyInput) (req *request.
|
||||
// exception represents a general failure with many possible causes. To identify
|
||||
// the cause, see the error message that accompanies the exception.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKey
|
||||
func (c *KMS) GenerateDataKey(input *GenerateDataKeyInput) (*GenerateDataKeyOutput, error) {
|
||||
req, out := c.GenerateDataKeyRequest(input)
|
||||
@ -3716,6 +3728,9 @@ func (c *KMS) GenerateDataKeyPairRequest(input *GenerateDataKeyPairInput) (req *
|
||||
// The request was rejected because a specified parameter is not supported or
|
||||
// a specified resource is not valid for this operation.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKeyPair
|
||||
func (c *KMS) GenerateDataKeyPair(input *GenerateDataKeyPairInput) (*GenerateDataKeyPairOutput, error) {
|
||||
req, out := c.GenerateDataKeyPairRequest(input)
|
||||
@ -3907,6 +3922,9 @@ func (c *KMS) GenerateDataKeyPairWithoutPlaintextRequest(input *GenerateDataKeyP
|
||||
// The request was rejected because a specified parameter is not supported or
|
||||
// a specified resource is not valid for this operation.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKeyPairWithoutPlaintext
|
||||
func (c *KMS) GenerateDataKeyPairWithoutPlaintext(input *GenerateDataKeyPairWithoutPlaintextInput) (*GenerateDataKeyPairWithoutPlaintextOutput, error) {
|
||||
req, out := c.GenerateDataKeyPairWithoutPlaintextRequest(input)
|
||||
@ -4106,6 +4124,9 @@ func (c *KMS) GenerateDataKeyWithoutPlaintextRequest(input *GenerateDataKeyWitho
|
||||
// exception represents a general failure with many possible causes. To identify
|
||||
// the cause, see the error message that accompanies the exception.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKeyWithoutPlaintext
|
||||
func (c *KMS) GenerateDataKeyWithoutPlaintext(input *GenerateDataKeyWithoutPlaintextInput) (*GenerateDataKeyWithoutPlaintextOutput, error) {
|
||||
req, out := c.GenerateDataKeyWithoutPlaintextRequest(input)
|
||||
@ -4265,6 +4286,9 @@ func (c *KMS) GenerateMacRequest(input *GenerateMacInput) (req *request.Request,
|
||||
// exception represents a general failure with many possible causes. To identify
|
||||
// the cause, see the error message that accompanies the exception.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateMac
|
||||
func (c *KMS) GenerateMac(input *GenerateMacInput) (*GenerateMacOutput, error) {
|
||||
req, out := c.GenerateMacRequest(input)
|
||||
@ -6751,6 +6775,9 @@ func (c *KMS) ReEncryptRequest(input *ReEncryptInput) (req *request.Request, out
|
||||
// exception represents a general failure with many possible causes. To identify
|
||||
// the cause, see the error message that accompanies the exception.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ReEncrypt
|
||||
func (c *KMS) ReEncrypt(input *ReEncryptInput) (*ReEncryptOutput, error) {
|
||||
req, out := c.ReEncryptRequest(input)
|
||||
@ -7107,6 +7134,9 @@ func (c *KMS) RetireGrantRequest(input *RetireGrantInput) (req *request.Request,
|
||||
// exception represents a general failure with many possible causes. To identify
|
||||
// the cause, see the error message that accompanies the exception.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RetireGrant
|
||||
func (c *KMS) RetireGrant(input *RetireGrantInput) (*RetireGrantOutput, error) {
|
||||
req, out := c.RetireGrantRequest(input)
|
||||
@ -7250,6 +7280,9 @@ func (c *KMS) RevokeGrantRequest(input *RevokeGrantInput) (req *request.Request,
|
||||
// exception represents a general failure with many possible causes. To identify
|
||||
// the cause, see the error message that accompanies the exception.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RevokeGrant
|
||||
func (c *KMS) RevokeGrant(input *RevokeGrantInput) (*RevokeGrantOutput, error) {
|
||||
req, out := c.RevokeGrantRequest(input)
|
||||
@ -7328,9 +7361,8 @@ func (c *KMS) ScheduleKeyDeletionRequest(input *ScheduleKeyDeletionInput) (req *
|
||||
// Deleting a KMS key is a destructive and potentially dangerous operation.
|
||||
// When a KMS key is deleted, all data that was encrypted under the KMS key
|
||||
// is unrecoverable. (The only exception is a multi-Region replica key (kms/latest/developerguide/multi-region-keys-delete.html),
|
||||
// or an asymmetric or HMAC KMS key with imported key material[BUGBUG-link to
|
||||
// importing-keys-managing.html#import-delete-key.) To prevent the use of a
|
||||
// KMS key without deleting it, use DisableKey.
|
||||
// or an asymmetric or HMAC KMS key with imported key material (kms/latest/developerguide/importing-keys-managing.html#import-delete-key).)
|
||||
// To prevent the use of a KMS key without deleting it, use DisableKey.
|
||||
//
|
||||
// You can schedule the deletion of a multi-Region primary key and its replica
|
||||
// keys at any time. However, KMS will not delete a multi-Region primary key
|
||||
@ -7598,6 +7630,9 @@ func (c *KMS) SignRequest(input *SignInput) (req *request.Request, output *SignO
|
||||
// exception represents a general failure with many possible causes. To identify
|
||||
// the cause, see the error message that accompanies the exception.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Sign
|
||||
func (c *KMS) Sign(input *SignInput) (*SignOutput, error) {
|
||||
req, out := c.SignRequest(input)
|
||||
@ -8857,6 +8892,9 @@ func (c *KMS) VerifyRequest(input *VerifyInput) (req *request.Request, output *V
|
||||
// verification fails when it cannot confirm that signature was produced by
|
||||
// signing the specified message with the specified KMS key and signing algorithm.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Verify
|
||||
func (c *KMS) Verify(input *VerifyInput) (*VerifyOutput, error) {
|
||||
req, out := c.VerifyRequest(input)
|
||||
@ -9015,6 +9053,9 @@ func (c *KMS) VerifyMacRequest(input *VerifyMacInput) (req *request.Request, out
|
||||
// exception represents a general failure with many possible causes. To identify
|
||||
// the cause, see the error message that accompanies the exception.
|
||||
//
|
||||
// - DryRunOperationException
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
//
|
||||
// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/VerifyMac
|
||||
func (c *KMS) VerifyMac(input *VerifyMacInput) (*VerifyMacOutput, error) {
|
||||
req, out := c.VerifyMacRequest(input)
|
||||
@ -10165,6 +10206,13 @@ type CreateGrantInput struct {
|
||||
// in the Key Management Service Developer Guide .
|
||||
Constraints *GrantConstraints `type:"structure"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// A list of grant tokens.
|
||||
//
|
||||
// Use a grant token when your permission to call this operation comes from
|
||||
@ -10303,6 +10351,12 @@ func (s *CreateGrantInput) SetConstraints(v *GrantConstraints) *CreateGrantInput
|
||||
return s
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *CreateGrantInput) SetDryRun(v bool) *CreateGrantInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetGrantTokens sets the GrantTokens field's value.
|
||||
func (s *CreateGrantInput) SetGrantTokens(v []*string) *CreateGrantInput {
|
||||
s.GrantTokens = v
|
||||
@ -11333,6 +11387,13 @@ type DecryptInput struct {
|
||||
// CiphertextBlob is a required field
|
||||
CiphertextBlob []byte `min:"1" type:"blob" required:"true"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// Specifies the encryption algorithm that will be used to decrypt the ciphertext.
|
||||
// Specify the same algorithm that was used to encrypt the data. If you specify
|
||||
// a different algorithm, the Decrypt operation fails.
|
||||
@ -11468,6 +11529,12 @@ func (s *DecryptInput) SetCiphertextBlob(v []byte) *DecryptInput {
|
||||
return s
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *DecryptInput) SetDryRun(v bool) *DecryptInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetEncryptionAlgorithm sets the EncryptionAlgorithm field's value.
|
||||
func (s *DecryptInput) SetEncryptionAlgorithm(v string) *DecryptInput {
|
||||
s.EncryptionAlgorithm = &v
|
||||
@ -12435,6 +12502,70 @@ func (s DisconnectCustomKeyStoreOutput) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
type DryRunOperationException struct {
|
||||
_ struct{} `type:"structure"`
|
||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||
|
||||
Message_ *string `locationName:"message" type:"string"`
|
||||
}
|
||||
|
||||
// String returns the string representation.
|
||||
//
|
||||
// API parameter values that are decorated as "sensitive" in the API will not
|
||||
// be included in the string output. The member name will be present, but the
|
||||
// value will be replaced with "sensitive".
|
||||
func (s DryRunOperationException) String() string {
|
||||
return awsutil.Prettify(s)
|
||||
}
|
||||
|
||||
// GoString returns the string representation.
|
||||
//
|
||||
// API parameter values that are decorated as "sensitive" in the API will not
|
||||
// be included in the string output. The member name will be present, but the
|
||||
// value will be replaced with "sensitive".
|
||||
func (s DryRunOperationException) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
func newErrorDryRunOperationException(v protocol.ResponseMetadata) error {
|
||||
return &DryRunOperationException{
|
||||
RespMetadata: v,
|
||||
}
|
||||
}
|
||||
|
||||
// Code returns the exception type name.
|
||||
func (s *DryRunOperationException) Code() string {
|
||||
return "DryRunOperationException"
|
||||
}
|
||||
|
||||
// Message returns the exception's message.
|
||||
func (s *DryRunOperationException) Message() string {
|
||||
if s.Message_ != nil {
|
||||
return *s.Message_
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
// OrigErr always returns nil, satisfies awserr.Error interface.
|
||||
func (s *DryRunOperationException) OrigErr() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *DryRunOperationException) Error() string {
|
||||
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
|
||||
}
|
||||
|
||||
// Status code returns the HTTP status code for the request's response error.
|
||||
func (s *DryRunOperationException) StatusCode() int {
|
||||
return s.RespMetadata.StatusCode
|
||||
}
|
||||
|
||||
// RequestID returns the service's response RequestID for request.
|
||||
func (s *DryRunOperationException) RequestID() string {
|
||||
return s.RespMetadata.RequestID
|
||||
}
|
||||
|
||||
type EnableKeyInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
@ -12607,6 +12738,13 @@ func (s EnableKeyRotationOutput) GoString() string {
|
||||
type EncryptInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// Specifies the encryption algorithm that KMS will use to encrypt the plaintext
|
||||
// message. The algorithm must be compatible with the KMS key that you specify.
|
||||
//
|
||||
@ -12723,6 +12861,12 @@ func (s *EncryptInput) Validate() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *EncryptInput) SetDryRun(v bool) *EncryptInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetEncryptionAlgorithm sets the EncryptionAlgorithm field's value.
|
||||
func (s *EncryptInput) SetEncryptionAlgorithm(v string) *EncryptInput {
|
||||
s.EncryptionAlgorithm = &v
|
||||
@ -12874,6 +13018,13 @@ func (s *ExpiredImportTokenException) RequestID() string {
|
||||
type GenerateDataKeyInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// Specifies the encryption context that will be used when encrypting the data
|
||||
// key.
|
||||
//
|
||||
@ -13007,6 +13158,12 @@ func (s *GenerateDataKeyInput) Validate() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *GenerateDataKeyInput) SetDryRun(v bool) *GenerateDataKeyInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetEncryptionContext sets the EncryptionContext field's value.
|
||||
func (s *GenerateDataKeyInput) SetEncryptionContext(v map[string]*string) *GenerateDataKeyInput {
|
||||
s.EncryptionContext = v
|
||||
@ -13129,6 +13286,13 @@ func (s *GenerateDataKeyOutput) SetPlaintext(v []byte) *GenerateDataKeyOutput {
|
||||
type GenerateDataKeyPairInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// Specifies the encryption context that will be used when encrypting the private
|
||||
// key in the data key pair.
|
||||
//
|
||||
@ -13260,6 +13424,12 @@ func (s *GenerateDataKeyPairInput) Validate() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *GenerateDataKeyPairInput) SetDryRun(v bool) *GenerateDataKeyPairInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetEncryptionContext sets the EncryptionContext field's value.
|
||||
func (s *GenerateDataKeyPairInput) SetEncryptionContext(v map[string]*string) *GenerateDataKeyPairInput {
|
||||
s.EncryptionContext = v
|
||||
@ -13394,6 +13564,13 @@ func (s *GenerateDataKeyPairOutput) SetPublicKey(v []byte) *GenerateDataKeyPairO
|
||||
type GenerateDataKeyPairWithoutPlaintextInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// Specifies the encryption context that will be used when encrypting the private
|
||||
// key in the data key pair.
|
||||
//
|
||||
@ -13496,6 +13673,12 @@ func (s *GenerateDataKeyPairWithoutPlaintextInput) Validate() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *GenerateDataKeyPairWithoutPlaintextInput) SetDryRun(v bool) *GenerateDataKeyPairWithoutPlaintextInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetEncryptionContext sets the EncryptionContext field's value.
|
||||
func (s *GenerateDataKeyPairWithoutPlaintextInput) SetEncryptionContext(v map[string]*string) *GenerateDataKeyPairWithoutPlaintextInput {
|
||||
s.EncryptionContext = v
|
||||
@ -13586,6 +13769,13 @@ func (s *GenerateDataKeyPairWithoutPlaintextOutput) SetPublicKey(v []byte) *Gene
|
||||
type GenerateDataKeyWithoutPlaintextInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// Specifies the encryption context that will be used when encrypting the data
|
||||
// key.
|
||||
//
|
||||
@ -13686,6 +13876,12 @@ func (s *GenerateDataKeyWithoutPlaintextInput) Validate() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *GenerateDataKeyWithoutPlaintextInput) SetDryRun(v bool) *GenerateDataKeyWithoutPlaintextInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetEncryptionContext sets the EncryptionContext field's value.
|
||||
func (s *GenerateDataKeyWithoutPlaintextInput) SetEncryptionContext(v map[string]*string) *GenerateDataKeyWithoutPlaintextInput {
|
||||
s.EncryptionContext = v
|
||||
@ -13762,6 +13958,13 @@ func (s *GenerateDataKeyWithoutPlaintextOutput) SetKeyId(v string) *GenerateData
|
||||
type GenerateMacInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// A list of grant tokens.
|
||||
//
|
||||
// Use a grant token when your permission to call this operation comes from
|
||||
@ -13848,6 +14051,12 @@ func (s *GenerateMacInput) Validate() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *GenerateMacInput) SetDryRun(v bool) *GenerateMacInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetGrantTokens sets the GrantTokens field's value.
|
||||
func (s *GenerateMacInput) SetGrantTokens(v []*string) *GenerateMacInput {
|
||||
s.GrantTokens = v
|
||||
@ -17801,6 +18010,13 @@ type ReEncryptInput struct {
|
||||
// DestinationKeyId is a required field
|
||||
DestinationKeyId *string `min:"1" type:"string" required:"true"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// A list of grant tokens.
|
||||
//
|
||||
// Use a grant token when your permission to call this operation comes from
|
||||
@ -17935,6 +18151,12 @@ func (s *ReEncryptInput) SetDestinationKeyId(v string) *ReEncryptInput {
|
||||
return s
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *ReEncryptInput) SetDryRun(v bool) *ReEncryptInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetGrantTokens sets the GrantTokens field's value.
|
||||
func (s *ReEncryptInput) SetGrantTokens(v []*string) *ReEncryptInput {
|
||||
s.GrantTokens = v
|
||||
@ -18387,6 +18609,13 @@ func (s *ReplicateKeyOutput) SetReplicaTags(v []*Tag) *ReplicateKeyOutput {
|
||||
type RetireGrantInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// Identifies the grant to retire. To get the grant ID, use CreateGrant, ListGrants,
|
||||
// or ListRetirableGrants.
|
||||
//
|
||||
@ -18446,6 +18675,12 @@ func (s *RetireGrantInput) Validate() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *RetireGrantInput) SetDryRun(v bool) *RetireGrantInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetGrantId sets the GrantId field's value.
|
||||
func (s *RetireGrantInput) SetGrantId(v string) *RetireGrantInput {
|
||||
s.GrantId = &v
|
||||
@ -18489,6 +18724,13 @@ func (s RetireGrantOutput) GoString() string {
|
||||
type RevokeGrantInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// Identifies the grant to revoke. To get the grant ID, use CreateGrant, ListGrants,
|
||||
// or ListRetirableGrants.
|
||||
//
|
||||
@ -18553,6 +18795,12 @@ func (s *RevokeGrantInput) Validate() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *RevokeGrantInput) SetDryRun(v bool) *RevokeGrantInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetGrantId sets the GrantId field's value.
|
||||
func (s *RevokeGrantInput) SetGrantId(v string) *RevokeGrantInput {
|
||||
s.GrantId = &v
|
||||
@ -18614,7 +18862,7 @@ type ScheduleKeyDeletionInput struct {
|
||||
//
|
||||
// This value is optional. If you include a value, it must be between 7 and
|
||||
// 30, inclusive. If you do not include a value, it defaults to 30. You can
|
||||
// use the kms:ScheduleKeyDeletionPendingWindowInDays (https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-pending-deletion-window)
|
||||
// use the kms:ScheduleKeyDeletionPendingWindowInDays (https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-schedule-key-deletion-pending-window-in-days)
|
||||
// condition key to further constrain the values that principals can specify
|
||||
// in the PendingWindowInDays parameter.
|
||||
PendingWindowInDays *int64 `min:"1" type:"integer"`
|
||||
@ -18743,6 +18991,13 @@ func (s *ScheduleKeyDeletionOutput) SetPendingWindowInDays(v int64) *ScheduleKey
|
||||
type SignInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// A list of grant tokens.
|
||||
//
|
||||
// Use a grant token when your permission to call this operation comes from
|
||||
@ -18878,6 +19133,12 @@ func (s *SignInput) Validate() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *SignInput) SetDryRun(v bool) *SignInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetGrantTokens sets the GrantTokens field's value.
|
||||
func (s *SignInput) SetGrantTokens(v []*string) *SignInput {
|
||||
s.GrantTokens = v
|
||||
@ -19953,6 +20214,13 @@ func (s UpdatePrimaryRegionOutput) GoString() string {
|
||||
type VerifyInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// A list of grant tokens.
|
||||
//
|
||||
// Use a grant token when your permission to call this operation comes from
|
||||
@ -20099,6 +20367,12 @@ func (s *VerifyInput) Validate() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *VerifyInput) SetDryRun(v bool) *VerifyInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetGrantTokens sets the GrantTokens field's value.
|
||||
func (s *VerifyInput) SetGrantTokens(v []*string) *VerifyInput {
|
||||
s.GrantTokens = v
|
||||
@ -20138,6 +20412,13 @@ func (s *VerifyInput) SetSigningAlgorithm(v string) *VerifyInput {
|
||||
type VerifyMacInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Checks if your request will succeed. DryRun is an optional parameter.
|
||||
//
|
||||
// To learn more about how to use this parameter, see Testing your KMS API calls
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
DryRun *bool `type:"boolean"`
|
||||
|
||||
// A list of grant tokens.
|
||||
//
|
||||
// Use a grant token when your permission to call this operation comes from
|
||||
@ -20236,6 +20517,12 @@ func (s *VerifyMacInput) Validate() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetDryRun sets the DryRun field's value.
|
||||
func (s *VerifyMacInput) SetDryRun(v bool) *VerifyMacInput {
|
||||
s.DryRun = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetGrantTokens sets the GrantTokens field's value.
|
||||
func (s *VerifyMacInput) SetGrantTokens(v []*string) *VerifyMacInput {
|
||||
s.GrantTokens = v
|
||||
|
7
vendor/github.com/aws/aws-sdk-go/service/kms/errors.go
generated
vendored
7
vendor/github.com/aws/aws-sdk-go/service/kms/errors.go
generated
vendored
@ -166,6 +166,12 @@ const (
|
||||
// The request was rejected because the specified KMS key is not enabled.
|
||||
ErrCodeDisabledException = "DisabledException"
|
||||
|
||||
// ErrCodeDryRunOperationException for service response error code
|
||||
// "DryRunOperationException".
|
||||
//
|
||||
// The request was rejected because the DryRun parameter was specified.
|
||||
ErrCodeDryRunOperationException = "DryRunOperationException"
|
||||
|
||||
// ErrCodeExpiredImportTokenException for service response error code
|
||||
// "ExpiredImportTokenException".
|
||||
//
|
||||
@ -488,6 +494,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
|
||||
"CustomKeyStoreNotFoundException": newErrorCustomKeyStoreNotFoundException,
|
||||
"DependencyTimeoutException": newErrorDependencyTimeoutException,
|
||||
"DisabledException": newErrorDisabledException,
|
||||
"DryRunOperationException": newErrorDryRunOperationException,
|
||||
"ExpiredImportTokenException": newErrorExpiredImportTokenException,
|
||||
"IncorrectKeyException": newErrorIncorrectKeyException,
|
||||
"IncorrectKeyMaterialException": newErrorIncorrectKeyMaterialException,
|
||||
|
1682
vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go
generated
vendored
Normal file
1682
vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go
generated
vendored
Normal file
File diff suppressed because it is too large
Load Diff
66
vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go
generated
vendored
Normal file
66
vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go
generated
vendored
Normal file
@ -0,0 +1,66 @@
|
||||
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
|
||||
|
||||
// Package ssooidc provides the client and types for making API
|
||||
// requests to AWS SSO OIDC.
|
||||
//
|
||||
// AWS IAM Identity Center (successor to AWS Single Sign-On) OpenID Connect
|
||||
// (OIDC) is a web service that enables a client (such as AWS CLI or a native
|
||||
// application) to register with IAM Identity Center. The service also enables
|
||||
// the client to fetch the user’s access token upon successful authentication
|
||||
// and authorization with IAM Identity Center.
|
||||
//
|
||||
// Although AWS Single Sign-On was renamed, the sso and identitystore API namespaces
|
||||
// will continue to retain their original name for backward compatibility purposes.
|
||||
// For more information, see IAM Identity Center rename (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html#renamed).
|
||||
//
|
||||
// # Considerations for Using This Guide
|
||||
//
|
||||
// Before you begin using this guide, we recommend that you first review the
|
||||
// following important information about how the IAM Identity Center OIDC service
|
||||
// works.
|
||||
//
|
||||
// - The IAM Identity Center OIDC service currently implements only the portions
|
||||
// of the OAuth 2.0 Device Authorization Grant standard (https://tools.ietf.org/html/rfc8628
|
||||
// (https://tools.ietf.org/html/rfc8628)) that are necessary to enable single
|
||||
// sign-on authentication with the AWS CLI. Support for other OIDC flows
|
||||
// frequently needed for native applications, such as Authorization Code
|
||||
// Flow (+ PKCE), will be addressed in future releases.
|
||||
//
|
||||
// - The service emits only OIDC access tokens, such that obtaining a new
|
||||
// token (For example, token refresh) requires explicit user re-authentication.
|
||||
//
|
||||
// - The access tokens provided by this service grant access to all AWS account
|
||||
// entitlements assigned to an IAM Identity Center user, not just a particular
|
||||
// application.
|
||||
//
|
||||
// - The documentation in this guide does not describe the mechanism to convert
|
||||
// the access token into AWS Auth (“sigv4”) credentials for use with
|
||||
// IAM-protected AWS service endpoints. For more information, see GetRoleCredentials
|
||||
// (https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html)
|
||||
// in the IAM Identity Center Portal API Reference Guide.
|
||||
//
|
||||
// For general information about IAM Identity Center, see What is IAM Identity
|
||||
// Center? (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html)
|
||||
// in the IAM Identity Center User Guide.
|
||||
//
|
||||
// See https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10 for more information on this service.
|
||||
//
|
||||
// See ssooidc package documentation for more information.
|
||||
// https://docs.aws.amazon.com/sdk-for-go/api/service/ssooidc/
|
||||
//
|
||||
// # Using the Client
|
||||
//
|
||||
// To contact AWS SSO OIDC with the SDK use the New function to create
|
||||
// a new service client. With that client you can make API requests to the service.
|
||||
// These clients are safe to use concurrently.
|
||||
//
|
||||
// See the SDK's documentation for more information on how to use the SDK.
|
||||
// https://docs.aws.amazon.com/sdk-for-go/api/
|
||||
//
|
||||
// See aws.Config documentation for more information on configuring SDK clients.
|
||||
// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config
|
||||
//
|
||||
// See the AWS SSO OIDC client SSOOIDC for more
|
||||
// information on creating client for this service.
|
||||
// https://docs.aws.amazon.com/sdk-for-go/api/service/ssooidc/#New
|
||||
package ssooidc
|
107
vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go
generated
vendored
Normal file
107
vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go
generated
vendored
Normal file
@ -0,0 +1,107 @@
|
||||
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
|
||||
|
||||
package ssooidc
|
||||
|
||||
import (
|
||||
"github.com/aws/aws-sdk-go/private/protocol"
|
||||
)
|
||||
|
||||
const (
|
||||
|
||||
// ErrCodeAccessDeniedException for service response error code
|
||||
// "AccessDeniedException".
|
||||
//
|
||||
// You do not have sufficient access to perform this action.
|
||||
ErrCodeAccessDeniedException = "AccessDeniedException"
|
||||
|
||||
// ErrCodeAuthorizationPendingException for service response error code
|
||||
// "AuthorizationPendingException".
|
||||
//
|
||||
// Indicates that a request to authorize a client with an access user session
|
||||
// token is pending.
|
||||
ErrCodeAuthorizationPendingException = "AuthorizationPendingException"
|
||||
|
||||
// ErrCodeExpiredTokenException for service response error code
|
||||
// "ExpiredTokenException".
|
||||
//
|
||||
// Indicates that the token issued by the service is expired and is no longer
|
||||
// valid.
|
||||
ErrCodeExpiredTokenException = "ExpiredTokenException"
|
||||
|
||||
// ErrCodeInternalServerException for service response error code
|
||||
// "InternalServerException".
|
||||
//
|
||||
// Indicates that an error from the service occurred while trying to process
|
||||
// a request.
|
||||
ErrCodeInternalServerException = "InternalServerException"
|
||||
|
||||
// ErrCodeInvalidClientException for service response error code
|
||||
// "InvalidClientException".
|
||||
//
|
||||
// Indicates that the clientId or clientSecret in the request is invalid. For
|
||||
// example, this can occur when a client sends an incorrect clientId or an expired
|
||||
// clientSecret.
|
||||
ErrCodeInvalidClientException = "InvalidClientException"
|
||||
|
||||
// ErrCodeInvalidClientMetadataException for service response error code
|
||||
// "InvalidClientMetadataException".
|
||||
//
|
||||
// Indicates that the client information sent in the request during registration
|
||||
// is invalid.
|
||||
ErrCodeInvalidClientMetadataException = "InvalidClientMetadataException"
|
||||
|
||||
// ErrCodeInvalidGrantException for service response error code
|
||||
// "InvalidGrantException".
|
||||
//
|
||||
// Indicates that a request contains an invalid grant. This can occur if a client
|
||||
// makes a CreateToken request with an invalid grant type.
|
||||
ErrCodeInvalidGrantException = "InvalidGrantException"
|
||||
|
||||
// ErrCodeInvalidRequestException for service response error code
|
||||
// "InvalidRequestException".
|
||||
//
|
||||
// Indicates that something is wrong with the input to the request. For example,
|
||||
// a required parameter might be missing or out of range.
|
||||
ErrCodeInvalidRequestException = "InvalidRequestException"
|
||||
|
||||
// ErrCodeInvalidScopeException for service response error code
|
||||
// "InvalidScopeException".
|
||||
//
|
||||
// Indicates that the scope provided in the request is invalid.
|
||||
ErrCodeInvalidScopeException = "InvalidScopeException"
|
||||
|
||||
// ErrCodeSlowDownException for service response error code
|
||||
// "SlowDownException".
|
||||
//
|
||||
// Indicates that the client is making the request too frequently and is more
|
||||
// than the service can handle.
|
||||
ErrCodeSlowDownException = "SlowDownException"
|
||||
|
||||
// ErrCodeUnauthorizedClientException for service response error code
|
||||
// "UnauthorizedClientException".
|
||||
//
|
||||
// Indicates that the client is not currently authorized to make the request.
|
||||
// This can happen when a clientId is not issued for a public client.
|
||||
ErrCodeUnauthorizedClientException = "UnauthorizedClientException"
|
||||
|
||||
// ErrCodeUnsupportedGrantTypeException for service response error code
|
||||
// "UnsupportedGrantTypeException".
|
||||
//
|
||||
// Indicates that the grant type in the request is not supported by the service.
|
||||
ErrCodeUnsupportedGrantTypeException = "UnsupportedGrantTypeException"
|
||||
)
|
||||
|
||||
var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
|
||||
"AccessDeniedException": newErrorAccessDeniedException,
|
||||
"AuthorizationPendingException": newErrorAuthorizationPendingException,
|
||||
"ExpiredTokenException": newErrorExpiredTokenException,
|
||||
"InternalServerException": newErrorInternalServerException,
|
||||
"InvalidClientException": newErrorInvalidClientException,
|
||||
"InvalidClientMetadataException": newErrorInvalidClientMetadataException,
|
||||
"InvalidGrantException": newErrorInvalidGrantException,
|
||||
"InvalidRequestException": newErrorInvalidRequestException,
|
||||
"InvalidScopeException": newErrorInvalidScopeException,
|
||||
"SlowDownException": newErrorSlowDownException,
|
||||
"UnauthorizedClientException": newErrorUnauthorizedClientException,
|
||||
"UnsupportedGrantTypeException": newErrorUnsupportedGrantTypeException,
|
||||
}
|
106
vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go
generated
vendored
Normal file
106
vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go
generated
vendored
Normal file
@ -0,0 +1,106 @@
|
||||
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
|
||||
|
||||
package ssooidc
|
||||
|
||||
import (
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/client"
|
||||
"github.com/aws/aws-sdk-go/aws/client/metadata"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/aws/signer/v4"
|
||||
"github.com/aws/aws-sdk-go/private/protocol"
|
||||
"github.com/aws/aws-sdk-go/private/protocol/restjson"
|
||||
)
|
||||
|
||||
// SSOOIDC provides the API operation methods for making requests to
|
||||
// AWS SSO OIDC. See this package's package overview docs
|
||||
// for details on the service.
|
||||
//
|
||||
// SSOOIDC methods are safe to use concurrently. It is not safe to
|
||||
// modify mutate any of the struct's properties though.
|
||||
type SSOOIDC struct {
|
||||
*client.Client
|
||||
}
|
||||
|
||||
// Used for custom client initialization logic
|
||||
var initClient func(*client.Client)
|
||||
|
||||
// Used for custom request initialization logic
|
||||
var initRequest func(*request.Request)
|
||||
|
||||
// Service information constants
|
||||
const (
|
||||
ServiceName = "SSO OIDC" // Name of service.
|
||||
EndpointsID = "oidc" // ID to lookup a service endpoint with.
|
||||
ServiceID = "SSO OIDC" // ServiceID is a unique identifier of a specific service.
|
||||
)
|
||||
|
||||
// New creates a new instance of the SSOOIDC client with a session.
|
||||
// If additional configuration is needed for the client instance use the optional
|
||||
// aws.Config parameter to add your extra config.
|
||||
//
|
||||
// Example:
|
||||
//
|
||||
// mySession := session.Must(session.NewSession())
|
||||
//
|
||||
// // Create a SSOOIDC client from just a session.
|
||||
// svc := ssooidc.New(mySession)
|
||||
//
|
||||
// // Create a SSOOIDC client with additional configuration
|
||||
// svc := ssooidc.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
|
||||
func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSOOIDC {
|
||||
c := p.ClientConfig(EndpointsID, cfgs...)
|
||||
if c.SigningNameDerived || len(c.SigningName) == 0 {
|
||||
c.SigningName = "awsssooidc"
|
||||
}
|
||||
return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion)
|
||||
}
|
||||
|
||||
// newClient creates, initializes and returns a new service client instance.
|
||||
func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *SSOOIDC {
|
||||
svc := &SSOOIDC{
|
||||
Client: client.New(
|
||||
cfg,
|
||||
metadata.ClientInfo{
|
||||
ServiceName: ServiceName,
|
||||
ServiceID: ServiceID,
|
||||
SigningName: signingName,
|
||||
SigningRegion: signingRegion,
|
||||
PartitionID: partitionID,
|
||||
Endpoint: endpoint,
|
||||
APIVersion: "2019-06-10",
|
||||
ResolvedRegion: resolvedRegion,
|
||||
},
|
||||
handlers,
|
||||
),
|
||||
}
|
||||
|
||||
// Handlers
|
||||
svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler)
|
||||
svc.Handlers.Build.PushBackNamed(restjson.BuildHandler)
|
||||
svc.Handlers.Unmarshal.PushBackNamed(restjson.UnmarshalHandler)
|
||||
svc.Handlers.UnmarshalMeta.PushBackNamed(restjson.UnmarshalMetaHandler)
|
||||
svc.Handlers.UnmarshalError.PushBackNamed(
|
||||
protocol.NewUnmarshalErrorHandler(restjson.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(),
|
||||
)
|
||||
|
||||
// Run custom client initialization if present
|
||||
if initClient != nil {
|
||||
initClient(svc.Client)
|
||||
}
|
||||
|
||||
return svc
|
||||
}
|
||||
|
||||
// newRequest creates a new request for a SSOOIDC operation and runs any
|
||||
// custom request initialization.
|
||||
func (c *SSOOIDC) newRequest(op *request.Operation, params, data interface{}) *request.Request {
|
||||
req := c.NewRequest(op, params, data)
|
||||
|
||||
// Run custom request initialization if present
|
||||
if initRequest != nil {
|
||||
initRequest(req)
|
||||
}
|
||||
|
||||
return req
|
||||
}
|
4
vendor/modules.txt
vendored
4
vendor/modules.txt
vendored
@ -20,9 +20,10 @@ github.com/armon/go-metrics
|
||||
# github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a
|
||||
## explicit
|
||||
github.com/asaskevich/govalidator
|
||||
# github.com/aws/aws-sdk-go v1.44.295
|
||||
# github.com/aws/aws-sdk-go v1.44.298
|
||||
## explicit; go 1.11
|
||||
github.com/aws/aws-sdk-go/aws
|
||||
github.com/aws/aws-sdk-go/aws/auth/bearer
|
||||
github.com/aws/aws-sdk-go/aws/awserr
|
||||
github.com/aws/aws-sdk-go/aws/awsutil
|
||||
github.com/aws/aws-sdk-go/aws/client
|
||||
@ -61,6 +62,7 @@ github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil
|
||||
github.com/aws/aws-sdk-go/service/kms
|
||||
github.com/aws/aws-sdk-go/service/sso
|
||||
github.com/aws/aws-sdk-go/service/sso/ssoiface
|
||||
github.com/aws/aws-sdk-go/service/ssooidc
|
||||
github.com/aws/aws-sdk-go/service/sts
|
||||
github.com/aws/aws-sdk-go/service/sts/stsiface
|
||||
# github.com/aws/aws-sdk-go-v2 v1.18.1
|
||||
|
Loading…
Reference in New Issue
Block a user