mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-12-22 13:00:19 +00:00
rebase: bump github.com/aws/aws-sdk-go-v2/service/sts
Bumps the github-dependencies group with 1 update: [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2). Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.32.4 to 1.33.1 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/service/s3/v1.33.1/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.32.4...service/s3/v1.33.1) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/sts dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
parent
d457840d21
commit
ecb62d6462
14
go.mod
14
go.mod
@ -5,7 +5,7 @@ go 1.22.7
|
||||
require (
|
||||
github.com/IBM/keyprotect-go-client v0.15.1
|
||||
github.com/aws/aws-sdk-go v1.55.5
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.32.4
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.33.1
|
||||
github.com/ceph/ceph-csi/api v0.0.0-00010101000000-000000000000
|
||||
github.com/ceph/go-ceph v0.30.1-0.20241102143109-75d1af3ed638
|
||||
github.com/container-storage-interface/spec v1.10.0
|
||||
@ -60,12 +60,12 @@ require (
|
||||
github.com/ansel1/merry/v2 v2.0.1 // indirect
|
||||
github.com/antlr4-go/antlr/v4 v4.13.0 // indirect
|
||||
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a // indirect
|
||||
github.com/aws/aws-sdk-go-v2 v1.32.4 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.23 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.23 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.4 // indirect
|
||||
github.com/aws/smithy-go v1.22.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2 v1.32.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.24 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.24 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.5 // indirect
|
||||
github.com/aws/smithy-go v1.22.1 // indirect
|
||||
github.com/beorn7/perks v1.0.1 // indirect
|
||||
github.com/blang/semver/v4 v4.0.0 // indirect
|
||||
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
|
||||
|
28
go.sum
28
go.sum
@ -1411,20 +1411,20 @@ github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:l
|
||||
github.com/aws/aws-sdk-go v1.44.164/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
|
||||
github.com/aws/aws-sdk-go v1.55.5 h1:KKUZBfBoyqy5d3swXyiC7Q76ic40rYcbqH7qjh59kzU=
|
||||
github.com/aws/aws-sdk-go v1.55.5/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU=
|
||||
github.com/aws/aws-sdk-go-v2 v1.32.4 h1:S13INUiTxgrPueTmrm5DZ+MiAo99zYzHEFh1UNkOxNE=
|
||||
github.com/aws/aws-sdk-go-v2 v1.32.4/go.mod h1:2SK5n0a2karNTv5tbP1SjsX0uhttou00v/HpXKM1ZUo=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.23 h1:A2w6m6Tmr+BNXjDsr7M90zkWjsu4JXHwrzPg235STs4=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.23/go.mod h1:35EVp9wyeANdujZruvHiQUAo9E3vbhnIO1mTCAxMlY0=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.23 h1:pgYW9FCabt2M25MoHYCfMrVY2ghiiBKYWUVXfwZs+sU=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.23/go.mod h1:c48kLgzO19wAu3CPkDWC28JbaJ+hfQlsdl7I2+oqIbk=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0 h1:TToQNkvGguu209puTojY/ozlqy2d/SFNcoLIqTFi42g=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0/go.mod h1:0jp+ltwkf+SwG2fm/PKo8t4y8pJSgOCO4D8Lz3k0aHQ=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.4 h1:tHxQi/XHPK0ctd/wdOw0t7Xrc2OxcRCnVzv8lwWPu0c=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.4/go.mod h1:4GQbF1vJzG60poZqWatZlhP31y8PGCCVTvIGPdaaYJ0=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.32.4 h1:yDxvkz3/uOKfxnv8YhzOi9m+2OGIxF+on3KOISbK5IU=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.32.4/go.mod h1:9XEUty5v5UAsMiFOBJrNibZgwCeOma73jgGwwhgffa8=
|
||||
github.com/aws/smithy-go v1.22.0 h1:uunKnWlcoL3zO7q+gG2Pk53joueEOsnNB28QdMsmiMM=
|
||||
github.com/aws/smithy-go v1.22.0/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg=
|
||||
github.com/aws/aws-sdk-go-v2 v1.32.5 h1:U8vdWJuY7ruAkzaOdD7guwJjD06YSKmnKCJs7s3IkIo=
|
||||
github.com/aws/aws-sdk-go-v2 v1.32.5/go.mod h1:P5WJBrYqqbWVaOxgH0X/FYYD47/nooaPOZPlQdmiN2U=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.24 h1:4usbeaes3yJnCFC7kfeyhkdkPtoRYPa/hTmCqMpKpLI=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.24/go.mod h1:5CI1JemjVwde8m2WG3cz23qHKPOxbpkq0HaoreEgLIY=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.24 h1:N1zsICrQglfzaBnrfM0Ys00860C+QFwu6u/5+LomP+o=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.24/go.mod h1:dCn9HbJ8+K31i8IQ8EWmWj0EiIk0+vKiHNMxTTYveAg=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 h1:iXtILhvDxB6kPvEXgsDhGaZCSC6LQET5ZHSdJozeI0Y=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1/go.mod h1:9nu0fVANtYiAePIBh2/pFUSwtJ402hLnp854CNoDOeE=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.5 h1:wtpJ4zcwrSbwhECWQoI/g6WM9zqCcSpHDJIWSbMLOu4=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.5/go.mod h1:qu/W9HXQbbQ4+1+JcZp0ZNPV31ym537ZJN+fiS7Ti8E=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.33.1 h1:6SZUVRQNvExYlMLbHdlKB48x0fLbc2iVROyaNEwBHbU=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.33.1/go.mod h1:GqWyYCwLXnlUB1lOAXQyNSPqPLQJvmo8J0DWBzp9mtg=
|
||||
github.com/aws/smithy-go v1.22.1 h1:/HPHZQ0g7f4eUeK6HKglFz8uwVfZKgoI25rb/J+dnro=
|
||||
github.com/aws/smithy-go v1.22.1/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg=
|
||||
github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
|
||||
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
|
||||
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
|
||||
|
2
vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go
generated
vendored
@ -3,4 +3,4 @@
|
||||
package aws
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.32.4"
|
||||
const goModuleVersion = "1.32.5"
|
||||
|
5
vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md
generated
vendored
5
vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md
generated
vendored
@ -1,3 +1,8 @@
|
||||
# v1.3.24 (2024-11-18)
|
||||
|
||||
* **Dependency Update**: Update to smithy-go v1.22.1.
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.3.23 (2024-11-06)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
2
vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go
generated
vendored
@ -3,4 +3,4 @@
|
||||
package configsources
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.3.23"
|
||||
const goModuleVersion = "1.3.24"
|
||||
|
5
vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md
generated
vendored
5
vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md
generated
vendored
@ -1,3 +1,8 @@
|
||||
# v2.6.24 (2024-11-18)
|
||||
|
||||
* **Dependency Update**: Update to smithy-go v1.22.1.
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v2.6.23 (2024-11-06)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
2
vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go
generated
vendored
@ -3,4 +3,4 @@
|
||||
package endpoints
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "2.6.23"
|
||||
const goModuleVersion = "2.6.24"
|
||||
|
4
vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md
generated
vendored
4
vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md
generated
vendored
@ -1,3 +1,7 @@
|
||||
# v1.12.1 (2024-11-18)
|
||||
|
||||
* **Dependency Update**: Update to smithy-go v1.22.1.
|
||||
|
||||
# v1.12.0 (2024-10-04)
|
||||
|
||||
* **Feature**: Add support for HTTP client metrics.
|
||||
|
@ -3,4 +3,4 @@
|
||||
package acceptencoding
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.12.0"
|
||||
const goModuleVersion = "1.12.1"
|
||||
|
5
vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md
generated
vendored
5
vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md
generated
vendored
@ -1,3 +1,8 @@
|
||||
# v1.12.5 (2024-11-18)
|
||||
|
||||
* **Dependency Update**: Update to smithy-go v1.22.1.
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.12.4 (2024-11-06)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
@ -3,4 +3,4 @@
|
||||
package presignedurl
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.12.4"
|
||||
const goModuleVersion = "1.12.5"
|
||||
|
9
vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md
generated
vendored
9
vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md
generated
vendored
@ -1,3 +1,12 @@
|
||||
# v1.33.1 (2024-11-18)
|
||||
|
||||
* **Dependency Update**: Update to smithy-go v1.22.1.
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.33.0 (2024-11-14)
|
||||
|
||||
* **Feature**: This release introduces the new API 'AssumeRoot', which returns short-term credentials that you can use to perform privileged tasks.
|
||||
|
||||
# v1.32.4 (2024-11-06)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
50
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRole.go
generated
vendored
50
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRole.go
generated
vendored
@ -16,7 +16,7 @@ import (
|
||||
// Amazon Web Services resources. These temporary credentials consist of an access
|
||||
// key ID, a secret access key, and a security token. Typically, you use AssumeRole
|
||||
// within your account or for cross-account access. For a comparison of AssumeRole
|
||||
// with other API operations that produce temporary credentials, see [Requesting Temporary Security Credentials]and [Comparing the Amazon Web Services STS API operations] in the
|
||||
// with other API operations that produce temporary credentials, see [Requesting Temporary Security Credentials]and [Compare STS credentials] in the
|
||||
// IAM User Guide.
|
||||
//
|
||||
// # Permissions
|
||||
@ -26,16 +26,16 @@ import (
|
||||
// cannot call the Amazon Web Services STS GetFederationToken or GetSessionToken
|
||||
// API operations.
|
||||
//
|
||||
// (Optional) You can pass inline or managed [session policies] to this operation. You can pass a
|
||||
// single JSON policy document to use as an inline session policy. You can also
|
||||
// specify up to 10 managed policy Amazon Resource Names (ARNs) to use as managed
|
||||
// session policies. The plaintext that you use for both inline and managed session
|
||||
// policies can't exceed 2,048 characters. Passing policies to this operation
|
||||
// returns new temporary credentials. The resulting session's permissions are the
|
||||
// intersection of the role's identity-based policy and the session policies. You
|
||||
// can use the role's temporary credentials in subsequent Amazon Web Services API
|
||||
// calls to access resources in the account that owns the role. You cannot use
|
||||
// session policies to grant more permissions than those allowed by the
|
||||
// (Optional) You can pass inline or managed session policies to this operation.
|
||||
// You can pass a single JSON policy document to use as an inline session policy.
|
||||
// You can also specify up to 10 managed policy Amazon Resource Names (ARNs) to use
|
||||
// as managed session policies. The plaintext that you use for both inline and
|
||||
// managed session policies can't exceed 2,048 characters. Passing policies to this
|
||||
// operation returns new temporary credentials. The resulting session's permissions
|
||||
// are the intersection of the role's identity-based policy and the session
|
||||
// policies. You can use the role's temporary credentials in subsequent Amazon Web
|
||||
// Services API calls to access resources in the account that owns the role. You
|
||||
// cannot use session policies to grant more permissions than those allowed by the
|
||||
// identity-based policy of the role that is being assumed. For more information,
|
||||
// see [Session Policies]in the IAM User Guide.
|
||||
//
|
||||
@ -104,10 +104,9 @@ import (
|
||||
// [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session
|
||||
// [Passing Session Tags in STS]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html
|
||||
// [Chaining Roles with Session Tags]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining
|
||||
// [Comparing the Amazon Web Services STS API operations]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison
|
||||
// [session policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session
|
||||
// [IAM Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
|
||||
// [Requesting Temporary Security Credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html
|
||||
// [Compare STS credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html
|
||||
// [Tutorial: Using Tags for Attribute-Based Access Control]: https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html
|
||||
func (c *Client) AssumeRole(ctx context.Context, params *AssumeRoleInput, optFns ...func(*Options)) (*AssumeRoleOutput, error) {
|
||||
if params == nil {
|
||||
@ -141,10 +140,18 @@ type AssumeRoleInput struct {
|
||||
// the temporary security credentials will expose the role session name to the
|
||||
// external account in their CloudTrail logs.
|
||||
//
|
||||
// For security purposes, administrators can view this field in [CloudTrail logs] to help identify
|
||||
// who performed an action in Amazon Web Services. Your administrator might require
|
||||
// that you specify your user name as the session name when you assume the role.
|
||||
// For more information, see [sts:RoleSessionName]sts:RoleSessionName .
|
||||
//
|
||||
// The regex used to validate this parameter is a string of characters consisting
|
||||
// of upper- and lower-case alphanumeric characters with no spaces. You can also
|
||||
// include underscores or any of the following characters: =,.@-
|
||||
//
|
||||
// [CloudTrail logs]: https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html#cloudtrail-integration_signin-tempcreds
|
||||
// [sts:RoleSessionName]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#ck_rolesessionname
|
||||
//
|
||||
// This member is required.
|
||||
RoleSessionName *string
|
||||
|
||||
@ -163,7 +170,7 @@ type AssumeRoleInput struct {
|
||||
// 43200 seconds (12 hours), depending on the maximum session duration setting for
|
||||
// your role. However, if you assume a role using role chaining and provide a
|
||||
// DurationSeconds parameter value greater than one hour, the operation fails. To
|
||||
// learn how to view the maximum value for your role, see [View the Maximum Session Duration Setting for a Role]in the IAM User Guide.
|
||||
// learn how to view the maximum value for your role, see [Update the maximum session duration for a role].
|
||||
//
|
||||
// By default, the value is set to 3600 seconds.
|
||||
//
|
||||
@ -173,7 +180,7 @@ type AssumeRoleInput struct {
|
||||
// parameter that specifies the maximum length of the console session. For more
|
||||
// information, see [Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console]in the IAM User Guide.
|
||||
//
|
||||
// [View the Maximum Session Duration Setting for a Role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session
|
||||
// [Update the maximum session duration for a role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_update-role-settings.html#id_roles_update-session-duration
|
||||
// [Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html
|
||||
DurationSeconds *int32
|
||||
|
||||
@ -218,7 +225,10 @@ type AssumeRoleInput struct {
|
||||
// by percentage how close the policies and tags for your request are to the upper
|
||||
// size limit.
|
||||
//
|
||||
// For more information about role session permissions, see [Session policies].
|
||||
//
|
||||
// [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session
|
||||
// [Session policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session
|
||||
Policy *string
|
||||
|
||||
// The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
|
||||
@ -273,10 +283,10 @@ type AssumeRoleInput struct {
|
||||
SerialNumber *string
|
||||
|
||||
// The source identity specified by the principal that is calling the AssumeRole
|
||||
// operation.
|
||||
// operation. The source identity value persists across [chained role]sessions.
|
||||
//
|
||||
// You can require users to specify a source identity when they assume a role. You
|
||||
// do this by using the sts:SourceIdentity condition key in a role trust policy.
|
||||
// do this by using the [sts:SourceIdentity]sts:SourceIdentity condition key in a role trust policy.
|
||||
// You can use source identity information in CloudTrail logs to determine who took
|
||||
// actions with a role. You can use the aws:SourceIdentity condition key to
|
||||
// further control access to Amazon Web Services resources based on the value of
|
||||
@ -289,7 +299,9 @@ type AssumeRoleInput struct {
|
||||
// value that begins with the text aws: . This prefix is reserved for Amazon Web
|
||||
// Services internal use.
|
||||
//
|
||||
// [chained role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html#iam-term-role-chaining
|
||||
// [Monitor and control actions taken with assumed roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html
|
||||
// [sts:SourceIdentity]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceidentity
|
||||
SourceIdentity *string
|
||||
|
||||
// A list of session tags that you want to pass. Each session tag consists of a
|
||||
@ -342,8 +354,8 @@ type AssumeRoleInput struct {
|
||||
// a tag key as transitive, the corresponding key and value passes to subsequent
|
||||
// sessions in a role chain. For more information, see [Chaining Roles with Session Tags]in the IAM User Guide.
|
||||
//
|
||||
// This parameter is optional. When you set session tags as transitive, the
|
||||
// session policy and session tags packed binary limit is not affected.
|
||||
// This parameter is optional. The transitive status of a session tag does not
|
||||
// impact its packed binary size.
|
||||
//
|
||||
// If you choose not to specify a transitive tag key, then no tags are passed from
|
||||
// this session to any subsequent sessions.
|
||||
|
12
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithSAML.go
generated
vendored
12
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithSAML.go
generated
vendored
@ -16,7 +16,7 @@ import (
|
||||
// mechanism for tying an enterprise identity store or directory to role-based
|
||||
// Amazon Web Services access without user-specific credentials or configuration.
|
||||
// For a comparison of AssumeRoleWithSAML with the other API operations that
|
||||
// produce temporary credentials, see [Requesting Temporary Security Credentials]and [Comparing the Amazon Web Services STS API operations] in the IAM User Guide.
|
||||
// produce temporary credentials, see [Requesting Temporary Security Credentials]and [Compare STS credentials] in the IAM User Guide.
|
||||
//
|
||||
// The temporary security credentials returned by this operation consist of an
|
||||
// access key ID, a secret access key, and a security token. Applications can use
|
||||
@ -130,10 +130,10 @@ import (
|
||||
// [View the Maximum Session Duration Setting for a Role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session
|
||||
// [Creating a Role for SAML 2.0 Federation]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html
|
||||
// [IAM and STS Character Limits]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length
|
||||
// [Comparing the Amazon Web Services STS API operations]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison
|
||||
// [Creating SAML Identity Providers]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml.html
|
||||
// [session policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session
|
||||
// [Requesting Temporary Security Credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html
|
||||
// [Compare STS credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html
|
||||
// [Tutorial: Using Tags for Attribute-Based Access Control]: https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html
|
||||
// [Configuring a Relying Party and Claims]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.html
|
||||
// [Role chaining]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-role-chaining
|
||||
@ -219,6 +219,8 @@ type AssumeRoleWithSAMLInput struct {
|
||||
// \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage
|
||||
// return (\u000D) characters.
|
||||
//
|
||||
// For more information about role session permissions, see [Session policies].
|
||||
//
|
||||
// An Amazon Web Services conversion compresses the passed inline session policy,
|
||||
// managed policy ARNs, and session tags into a packed binary format that has a
|
||||
// separate limit. Your request can fail for this limit even if your plaintext
|
||||
@ -227,6 +229,7 @@ type AssumeRoleWithSAMLInput struct {
|
||||
// size limit.
|
||||
//
|
||||
// [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session
|
||||
// [Session policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session
|
||||
Policy *string
|
||||
|
||||
// The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
|
||||
@ -304,7 +307,8 @@ type AssumeRoleWithSAMLOutput struct {
|
||||
// allowed space.
|
||||
PackedPolicySize *int32
|
||||
|
||||
// The value in the SourceIdentity attribute in the SAML assertion.
|
||||
// The value in the SourceIdentity attribute in the SAML assertion. The source
|
||||
// identity value persists across [chained role]sessions.
|
||||
//
|
||||
// You can require users to set a source identity value when they assume a role.
|
||||
// You do this by using the sts:SourceIdentity condition key in a role trust
|
||||
@ -321,7 +325,7 @@ type AssumeRoleWithSAMLOutput struct {
|
||||
// of upper- and lower-case alphanumeric characters with no spaces. You can also
|
||||
// include underscores or any of the following characters: =,.@-
|
||||
//
|
||||
// [chained role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts#iam-term-role-chaining
|
||||
// [chained role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html#id_roles_terms-and-concepts
|
||||
// [Monitor and control actions taken with assumed roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html
|
||||
SourceIdentity *string
|
||||
|
||||
|
48
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithWebIdentity.go
generated
vendored
48
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithWebIdentity.go
generated
vendored
@ -31,7 +31,7 @@ import (
|
||||
// Services credentials. Instead, the identity of the caller is validated by using
|
||||
// a token from the web identity provider. For a comparison of
|
||||
// AssumeRoleWithWebIdentity with the other API operations that produce temporary
|
||||
// credentials, see [Requesting Temporary Security Credentials]and [Comparing the Amazon Web Services STS API operations] in the IAM User Guide.
|
||||
// credentials, see [Requesting Temporary Security Credentials]and [Compare STS credentials] in the IAM User Guide.
|
||||
//
|
||||
// The temporary security credentials returned by this API consist of an access
|
||||
// key ID, a secret access key, and a security token. Applications can use these
|
||||
@ -45,7 +45,7 @@ import (
|
||||
// DurationSeconds parameter to specify the duration of your session. You can
|
||||
// provide a value from 900 seconds (15 minutes) up to the maximum session duration
|
||||
// setting for the role. This setting can have a value from 1 hour to 12 hours. To
|
||||
// learn how to view the maximum value for your role, see [View the Maximum Session Duration Setting for a Role]in the IAM User Guide.
|
||||
// learn how to view the maximum value for your role, see [Update the maximum session duration for a role]in the IAM User Guide.
|
||||
// The maximum session duration limit applies when you use the AssumeRole* API
|
||||
// operations or the assume-role* CLI commands. However the limit does not apply
|
||||
// when you use those operations to create a console URL. For more information, see
|
||||
@ -111,34 +111,23 @@ import (
|
||||
// that you avoid using any personally identifiable information (PII) in this
|
||||
// field. For example, you could instead use a GUID or a pairwise identifier, as [suggested in the OIDC specification].
|
||||
//
|
||||
// For more information about how to use web identity federation and the
|
||||
// For more information about how to use OIDC federation and the
|
||||
// AssumeRoleWithWebIdentity API, see the following resources:
|
||||
//
|
||||
// [Using Web Identity Federation API Operations for Mobile Apps]
|
||||
// - and [Federation Through a Web-based Identity Provider].
|
||||
//
|
||||
// [Web Identity Federation Playground]
|
||||
// - . Walk through the process of authenticating through Login with Amazon,
|
||||
// Facebook, or Google, getting temporary security credentials, and then using
|
||||
// those credentials to make a request to Amazon Web Services.
|
||||
//
|
||||
// [Amazon Web Services SDK for iOS Developer Guide]
|
||||
// - and [Amazon Web Services SDK for Android Developer Guide]. These toolkits contain sample apps that show how to invoke the
|
||||
// identity providers. The toolkits then show how to use the information from these
|
||||
// providers to get and use temporary security credentials.
|
||||
//
|
||||
// [Web Identity Federation with Mobile Applications]
|
||||
// - . This article discusses web identity federation and shows an example of
|
||||
// how to use web identity federation to get access to content in Amazon S3.
|
||||
//
|
||||
// [Amazon Web Services SDK for iOS Developer Guide]: http://aws.amazon.com/sdkforios/
|
||||
// [View the Maximum Session Duration Setting for a Role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session
|
||||
// [Web Identity Federation Playground]: https://aws.amazon.com/blogs/aws/the-aws-web-identity-federation-playground/
|
||||
// [Amazon Web Services SDK for Android Developer Guide]: http://aws.amazon.com/sdkforandroid/
|
||||
// [IAM and STS Character Limits]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length
|
||||
// [Comparing the Amazon Web Services STS API operations]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison
|
||||
// [session policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session
|
||||
// [Requesting Temporary Security Credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html
|
||||
// [Compare STS credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html
|
||||
// [Subject]: http://openid.net/specs/openid-connect-core-1_0.html#Claims
|
||||
// [Tutorial: Using Tags for Attribute-Based Access Control]: https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html
|
||||
// [Amazon Cognito identity pools]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html
|
||||
@ -148,7 +137,7 @@ import (
|
||||
// [Amazon Cognito federated identities]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html
|
||||
// [Passing Session Tags in STS]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html
|
||||
// [Chaining Roles with Session Tags]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining
|
||||
// [Web Identity Federation with Mobile Applications]: http://aws.amazon.com/articles/web-identity-federation-with-mobile-applications
|
||||
// [Update the maximum session duration for a role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_update-role-settings.html#id_roles_update-session-duration
|
||||
// [Using Web Identity Federation API Operations for Mobile Apps]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual.html
|
||||
// [suggested in the OIDC specification]: http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
|
||||
func (c *Client) AssumeRoleWithWebIdentity(ctx context.Context, params *AssumeRoleWithWebIdentityInput, optFns ...func(*Options)) (*AssumeRoleWithWebIdentityOutput, error) {
|
||||
@ -170,6 +159,17 @@ type AssumeRoleWithWebIdentityInput struct {
|
||||
|
||||
// The Amazon Resource Name (ARN) of the role that the caller is assuming.
|
||||
//
|
||||
// Additional considerations apply to Amazon Cognito identity pools that assume [cross-account IAM roles].
|
||||
// The trust policies of these roles must accept the cognito-identity.amazonaws.com
|
||||
// service principal and must contain the cognito-identity.amazonaws.com:aud
|
||||
// condition key to restrict role assumption to users from your intended identity
|
||||
// pools. A policy that trusts Amazon Cognito identity pools without this condition
|
||||
// creates a risk that a user from an unintended identity pool can assume the role.
|
||||
// For more information, see [Trust policies for IAM roles in Basic (Classic) authentication]in the Amazon Cognito Developer Guide.
|
||||
//
|
||||
// [cross-account IAM roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies-cross-account-resource-access.html
|
||||
// [Trust policies for IAM roles in Basic (Classic) authentication]: https://docs.aws.amazon.com/cognito/latest/developerguide/iam-roles.html#trust-policies
|
||||
//
|
||||
// This member is required.
|
||||
RoleArn *string
|
||||
|
||||
@ -179,17 +179,26 @@ type AssumeRoleWithWebIdentityInput struct {
|
||||
// associated with that user. This session name is included as part of the ARN and
|
||||
// assumed role ID in the AssumedRoleUser response element.
|
||||
//
|
||||
// For security purposes, administrators can view this field in [CloudTrail logs] to help identify
|
||||
// who performed an action in Amazon Web Services. Your administrator might require
|
||||
// that you specify your user name as the session name when you assume the role.
|
||||
// For more information, see [sts:RoleSessionName]sts:RoleSessionName .
|
||||
//
|
||||
// The regex used to validate this parameter is a string of characters consisting
|
||||
// of upper- and lower-case alphanumeric characters with no spaces. You can also
|
||||
// include underscores or any of the following characters: =,.@-
|
||||
//
|
||||
// [CloudTrail logs]: https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html#cloudtrail-integration_signin-tempcreds
|
||||
// [sts:RoleSessionName]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#ck_rolesessionname
|
||||
//
|
||||
// This member is required.
|
||||
RoleSessionName *string
|
||||
|
||||
// The OAuth 2.0 access token or OpenID Connect ID token that is provided by the
|
||||
// identity provider. Your application must get this token by authenticating the
|
||||
// user who is using your application with a web identity provider before the
|
||||
// application makes an AssumeRoleWithWebIdentity call. Only tokens with RSA
|
||||
// application makes an AssumeRoleWithWebIdentity call. Timestamps in the token
|
||||
// must be formatted as either an integer or a long integer. Only tokens with RSA
|
||||
// algorithms (RS256) are supported.
|
||||
//
|
||||
// This member is required.
|
||||
@ -232,6 +241,8 @@ type AssumeRoleWithWebIdentityInput struct {
|
||||
// \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage
|
||||
// return (\u000D) characters.
|
||||
//
|
||||
// For more information about role session permissions, see [Session policies].
|
||||
//
|
||||
// An Amazon Web Services conversion compresses the passed inline session policy,
|
||||
// managed policy ARNs, and session tags into a packed binary format that has a
|
||||
// separate limit. Your request can fail for this limit even if your plaintext
|
||||
@ -240,6 +251,7 @@ type AssumeRoleWithWebIdentityInput struct {
|
||||
// size limit.
|
||||
//
|
||||
// [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session
|
||||
// [Session policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session
|
||||
Policy *string
|
||||
|
||||
// The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
|
||||
@ -337,7 +349,7 @@ type AssumeRoleWithWebIdentityOutput struct {
|
||||
// of upper- and lower-case alphanumeric characters with no spaces. You can also
|
||||
// include underscores or any of the following characters: =,.@-
|
||||
//
|
||||
// [chained role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts#iam-term-role-chaining
|
||||
// [chained role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html#id_roles_terms-and-concepts
|
||||
// [Monitor and control actions taken with assumed roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html
|
||||
// [Using Tokens with User Pools]: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html
|
||||
SourceIdentity *string
|
||||
|
221
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoot.go
generated
vendored
Normal file
221
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoot.go
generated
vendored
Normal file
@ -0,0 +1,221 @@
|
||||
// Code generated by smithy-go-codegen DO NOT EDIT.
|
||||
|
||||
package sts
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
|
||||
"github.com/aws/aws-sdk-go-v2/service/sts/types"
|
||||
"github.com/aws/smithy-go/middleware"
|
||||
smithyhttp "github.com/aws/smithy-go/transport/http"
|
||||
)
|
||||
|
||||
// Returns a set of short term credentials you can use to perform privileged tasks
|
||||
// in a member account.
|
||||
//
|
||||
// Before you can launch a privileged session, you must have enabled centralized
|
||||
// root access in your organization. For steps to enable this feature, see [Centralize root access for member accounts]in the
|
||||
// IAM User Guide.
|
||||
//
|
||||
// The global endpoint is not supported for AssumeRoot. You must send this request
|
||||
// to a Regional STS endpoint. For more information, see [Endpoints].
|
||||
//
|
||||
// You can track AssumeRoot in CloudTrail logs to determine what actions were
|
||||
// performed in a session. For more information, see [Track privileged tasks in CloudTrail]in the IAM User Guide.
|
||||
//
|
||||
// [Endpoints]: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html#sts-endpoints
|
||||
// [Track privileged tasks in CloudTrail]: https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-track-privileged-tasks.html
|
||||
// [Centralize root access for member accounts]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-enable-root-access.html
|
||||
func (c *Client) AssumeRoot(ctx context.Context, params *AssumeRootInput, optFns ...func(*Options)) (*AssumeRootOutput, error) {
|
||||
if params == nil {
|
||||
params = &AssumeRootInput{}
|
||||
}
|
||||
|
||||
result, metadata, err := c.invokeOperation(ctx, "AssumeRoot", params, optFns, c.addOperationAssumeRootMiddlewares)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
out := result.(*AssumeRootOutput)
|
||||
out.ResultMetadata = metadata
|
||||
return out, nil
|
||||
}
|
||||
|
||||
type AssumeRootInput struct {
|
||||
|
||||
// The member account principal ARN or account ID.
|
||||
//
|
||||
// This member is required.
|
||||
TargetPrincipal *string
|
||||
|
||||
// The identity based policy that scopes the session to the privileged tasks that
|
||||
// can be performed. You can use one of following Amazon Web Services managed
|
||||
// policies to scope root session actions. You can add additional customer managed
|
||||
// policies to further limit the permissions for the root session.
|
||||
//
|
||||
// [IAMAuditRootUserCredentials]
|
||||
//
|
||||
// [IAMCreateRootUserPassword]
|
||||
//
|
||||
// [IAMDeleteRootUserCredentials]
|
||||
//
|
||||
// [S3UnlockBucketPolicy]
|
||||
//
|
||||
// [SQSUnlockQueuePolicy]
|
||||
//
|
||||
// [IAMDeleteRootUserCredentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMDeleteRootUserCredentials
|
||||
// [IAMCreateRootUserPassword]: https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMCreateRootUserPassword
|
||||
// [IAMAuditRootUserCredentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMAuditRootUserCredentials
|
||||
// [S3UnlockBucketPolicy]: https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-S3UnlockBucketPolicy
|
||||
// [SQSUnlockQueuePolicy]: https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-SQSUnlockQueuePolicy
|
||||
//
|
||||
// This member is required.
|
||||
TaskPolicyArn *types.PolicyDescriptorType
|
||||
|
||||
// The duration, in seconds, of the privileged session. The value can range from 0
|
||||
// seconds up to the maximum session duration of 900 seconds (15 minutes). If you
|
||||
// specify a value higher than this setting, the operation fails.
|
||||
//
|
||||
// By default, the value is set to 900 seconds.
|
||||
DurationSeconds *int32
|
||||
|
||||
noSmithyDocumentSerde
|
||||
}
|
||||
|
||||
type AssumeRootOutput struct {
|
||||
|
||||
// The temporary security credentials, which include an access key ID, a secret
|
||||
// access key, and a security token.
|
||||
//
|
||||
// The size of the security token that STS API operations return is not fixed. We
|
||||
// strongly recommend that you make no assumptions about the maximum size.
|
||||
Credentials *types.Credentials
|
||||
|
||||
// The source identity specified by the principal that is calling the AssumeRoot
|
||||
// operation.
|
||||
//
|
||||
// You can use the aws:SourceIdentity condition key to control access based on the
|
||||
// value of source identity. For more information about using source identity, see [Monitor and control actions taken with assumed roles]
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// The regex used to validate this parameter is a string of characters consisting
|
||||
// of upper- and lower-case alphanumeric characters with no spaces. You can also
|
||||
// include underscores or any of the following characters: =,.@-
|
||||
//
|
||||
// [Monitor and control actions taken with assumed roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html
|
||||
SourceIdentity *string
|
||||
|
||||
// Metadata pertaining to the operation's result.
|
||||
ResultMetadata middleware.Metadata
|
||||
|
||||
noSmithyDocumentSerde
|
||||
}
|
||||
|
||||
func (c *Client) addOperationAssumeRootMiddlewares(stack *middleware.Stack, options Options) (err error) {
|
||||
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
|
||||
return err
|
||||
}
|
||||
err = stack.Serialize.Add(&awsAwsquery_serializeOpAssumeRoot{}, middleware.After)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpAssumeRoot{}, middleware.After)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if err := addProtocolFinalizerMiddlewares(stack, options, "AssumeRoot"); err != nil {
|
||||
return fmt.Errorf("add protocol finalizers: %v", err)
|
||||
}
|
||||
|
||||
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addSetLoggerMiddleware(stack, options); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addClientRequestID(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addComputeContentLength(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addResolveEndpointMiddleware(stack, options); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addComputePayloadSHA256(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addRetry(stack, options); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addRawResponseToMetadata(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addRecordResponseTiming(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addSpanRetryLoop(stack, options); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addClientUserAgent(stack, options); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addTimeOffsetBuild(stack, c); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addUserAgentRetryMode(stack, options); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addOpAssumeRootValidationMiddleware(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAssumeRoot(options.Region), middleware.Before); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addRecursionDetection(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addResponseErrorMiddleware(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addRequestResponseLogging(stack, options); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addSpanInitializeStart(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addSpanInitializeEnd(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addSpanBuildRequestStart(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
if err = addSpanBuildRequestEnd(stack); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func newServiceMetadataMiddleware_opAssumeRoot(region string) *awsmiddleware.RegisterServiceMetadata {
|
||||
return &awsmiddleware.RegisterServiceMetadata{
|
||||
Region: region,
|
||||
ServiceID: ServiceID,
|
||||
OperationName: "AssumeRoot",
|
||||
}
|
||||
}
|
4
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetFederationToken.go
generated
vendored
4
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetFederationToken.go
generated
vendored
@ -20,7 +20,7 @@ import (
|
||||
// credentials of an IAM user. As a result, this call is appropriate in contexts
|
||||
// where those credentials can be safeguarded, usually in a server-based
|
||||
// application. For a comparison of GetFederationToken with the other API
|
||||
// operations that produce temporary credentials, see [Requesting Temporary Security Credentials]and [Comparing the Amazon Web Services STS API operations] in the IAM User Guide.
|
||||
// operations that produce temporary credentials, see [Requesting Temporary Security Credentials]and [Compare STS credentials] in the IAM User Guide.
|
||||
//
|
||||
// Although it is possible to call GetFederationToken using the security
|
||||
// credentials of an Amazon Web Services account root user rather than an IAM user
|
||||
@ -104,9 +104,9 @@ import (
|
||||
// [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session
|
||||
// [Passing Session Tags in STS]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html
|
||||
// [GetFederationToken—Federation Through a Custom Identity Broker]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken
|
||||
// [Comparing the Amazon Web Services STS API operations]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison
|
||||
// [Safeguard your root user credentials and don't use them for everyday tasks]: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials
|
||||
// [Requesting Temporary Security Credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html
|
||||
// [Compare STS credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html
|
||||
// [Tutorial: Using Tags for Attribute-Based Access Control]: https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html
|
||||
func (c *Client) GetFederationToken(ctx context.Context, params *GetFederationTokenInput, optFns ...func(*Options)) (*GetFederationTokenOutput, error) {
|
||||
if params == nil {
|
||||
|
4
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetSessionToken.go
generated
vendored
4
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetSessionToken.go
generated
vendored
@ -22,7 +22,7 @@ import (
|
||||
// the call returns, IAM users can then make programmatic calls to API operations
|
||||
// that require MFA authentication. An incorrect MFA code causes the API to return
|
||||
// an access denied error. For a comparison of GetSessionToken with the other API
|
||||
// operations that produce temporary credentials, see [Requesting Temporary Security Credentials]and [Comparing the Amazon Web Services STS API operations] in the IAM User Guide.
|
||||
// operations that produce temporary credentials, see [Requesting Temporary Security Credentials]and [Compare STS credentials] in the IAM User Guide.
|
||||
//
|
||||
// No permissions are required for users to perform this operation. The purpose of
|
||||
// the sts:GetSessionToken operation is to authenticate the user using MFA. You
|
||||
@ -63,10 +63,10 @@ import (
|
||||
// credentials, see [Temporary Credentials for Users in Untrusted Environments]in the IAM User Guide.
|
||||
//
|
||||
// [Permissions for GetSessionToken]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getsessiontoken.html
|
||||
// [Comparing the Amazon Web Services STS API operations]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison
|
||||
// [Temporary Credentials for Users in Untrusted Environments]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken
|
||||
// [Safeguard your root user credentials and don't use them for everyday tasks]: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials
|
||||
// [Requesting Temporary Security Credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html
|
||||
// [Compare STS credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html
|
||||
func (c *Client) GetSessionToken(ctx context.Context, params *GetSessionTokenInput, optFns ...func(*Options)) (*GetSessionTokenOutput, error) {
|
||||
if params == nil {
|
||||
params = &GetSessionTokenInput{}
|
||||
|
170
vendor/github.com/aws/aws-sdk-go-v2/service/sts/deserializers.go
generated
vendored
170
vendor/github.com/aws/aws-sdk-go-v2/service/sts/deserializers.go
generated
vendored
@ -410,6 +410,121 @@ func awsAwsquery_deserializeOpErrorAssumeRoleWithWebIdentity(response *smithyhtt
|
||||
}
|
||||
}
|
||||
|
||||
type awsAwsquery_deserializeOpAssumeRoot struct {
|
||||
}
|
||||
|
||||
func (*awsAwsquery_deserializeOpAssumeRoot) ID() string {
|
||||
return "OperationDeserializer"
|
||||
}
|
||||
|
||||
func (m *awsAwsquery_deserializeOpAssumeRoot) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) (
|
||||
out middleware.DeserializeOutput, metadata middleware.Metadata, err error,
|
||||
) {
|
||||
out, metadata, err = next.HandleDeserialize(ctx, in)
|
||||
if err != nil {
|
||||
return out, metadata, err
|
||||
}
|
||||
|
||||
_, span := tracing.StartSpan(ctx, "OperationDeserializer")
|
||||
endTimer := startMetricTimer(ctx, "client.call.deserialization_duration")
|
||||
defer endTimer()
|
||||
defer span.End()
|
||||
response, ok := out.RawResponse.(*smithyhttp.Response)
|
||||
if !ok {
|
||||
return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)}
|
||||
}
|
||||
|
||||
if response.StatusCode < 200 || response.StatusCode >= 300 {
|
||||
return out, metadata, awsAwsquery_deserializeOpErrorAssumeRoot(response, &metadata)
|
||||
}
|
||||
output := &AssumeRootOutput{}
|
||||
out.Result = output
|
||||
|
||||
var buff [1024]byte
|
||||
ringBuffer := smithyio.NewRingBuffer(buff[:])
|
||||
body := io.TeeReader(response.Body, ringBuffer)
|
||||
rootDecoder := xml.NewDecoder(body)
|
||||
t, err := smithyxml.FetchRootElement(rootDecoder)
|
||||
if err == io.EOF {
|
||||
return out, metadata, nil
|
||||
}
|
||||
if err != nil {
|
||||
var snapshot bytes.Buffer
|
||||
io.Copy(&snapshot, ringBuffer)
|
||||
return out, metadata, &smithy.DeserializationError{
|
||||
Err: fmt.Errorf("failed to decode response body, %w", err),
|
||||
Snapshot: snapshot.Bytes(),
|
||||
}
|
||||
}
|
||||
|
||||
decoder := smithyxml.WrapNodeDecoder(rootDecoder, t)
|
||||
t, err = decoder.GetElement("AssumeRootResult")
|
||||
if err != nil {
|
||||
var snapshot bytes.Buffer
|
||||
io.Copy(&snapshot, ringBuffer)
|
||||
err = &smithy.DeserializationError{
|
||||
Err: fmt.Errorf("failed to decode response body, %w", err),
|
||||
Snapshot: snapshot.Bytes(),
|
||||
}
|
||||
return out, metadata, err
|
||||
}
|
||||
|
||||
decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t)
|
||||
err = awsAwsquery_deserializeOpDocumentAssumeRootOutput(&output, decoder)
|
||||
if err != nil {
|
||||
var snapshot bytes.Buffer
|
||||
io.Copy(&snapshot, ringBuffer)
|
||||
err = &smithy.DeserializationError{
|
||||
Err: fmt.Errorf("failed to decode response body, %w", err),
|
||||
Snapshot: snapshot.Bytes(),
|
||||
}
|
||||
return out, metadata, err
|
||||
}
|
||||
|
||||
return out, metadata, err
|
||||
}
|
||||
|
||||
func awsAwsquery_deserializeOpErrorAssumeRoot(response *smithyhttp.Response, metadata *middleware.Metadata) error {
|
||||
var errorBuffer bytes.Buffer
|
||||
if _, err := io.Copy(&errorBuffer, response.Body); err != nil {
|
||||
return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)}
|
||||
}
|
||||
errorBody := bytes.NewReader(errorBuffer.Bytes())
|
||||
|
||||
errorCode := "UnknownError"
|
||||
errorMessage := errorCode
|
||||
|
||||
errorComponents, err := awsxml.GetErrorResponseComponents(errorBody, false)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if reqID := errorComponents.RequestID; len(reqID) != 0 {
|
||||
awsmiddleware.SetRequestIDMetadata(metadata, reqID)
|
||||
}
|
||||
if len(errorComponents.Code) != 0 {
|
||||
errorCode = errorComponents.Code
|
||||
}
|
||||
if len(errorComponents.Message) != 0 {
|
||||
errorMessage = errorComponents.Message
|
||||
}
|
||||
errorBody.Seek(0, io.SeekStart)
|
||||
switch {
|
||||
case strings.EqualFold("ExpiredTokenException", errorCode):
|
||||
return awsAwsquery_deserializeErrorExpiredTokenException(response, errorBody)
|
||||
|
||||
case strings.EqualFold("RegionDisabledException", errorCode):
|
||||
return awsAwsquery_deserializeErrorRegionDisabledException(response, errorBody)
|
||||
|
||||
default:
|
||||
genericError := &smithy.GenericAPIError{
|
||||
Code: errorCode,
|
||||
Message: errorMessage,
|
||||
}
|
||||
return genericError
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
type awsAwsquery_deserializeOpDecodeAuthorizationMessage struct {
|
||||
}
|
||||
|
||||
@ -2268,6 +2383,61 @@ func awsAwsquery_deserializeOpDocumentAssumeRoleWithWebIdentityOutput(v **Assume
|
||||
return nil
|
||||
}
|
||||
|
||||
func awsAwsquery_deserializeOpDocumentAssumeRootOutput(v **AssumeRootOutput, decoder smithyxml.NodeDecoder) error {
|
||||
if v == nil {
|
||||
return fmt.Errorf("unexpected nil of type %T", v)
|
||||
}
|
||||
var sv *AssumeRootOutput
|
||||
if *v == nil {
|
||||
sv = &AssumeRootOutput{}
|
||||
} else {
|
||||
sv = *v
|
||||
}
|
||||
|
||||
for {
|
||||
t, done, err := decoder.Token()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if done {
|
||||
break
|
||||
}
|
||||
originalDecoder := decoder
|
||||
decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t)
|
||||
switch {
|
||||
case strings.EqualFold("Credentials", t.Name.Local):
|
||||
nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t)
|
||||
if err := awsAwsquery_deserializeDocumentCredentials(&sv.Credentials, nodeDecoder); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
case strings.EqualFold("SourceIdentity", t.Name.Local):
|
||||
val, err := decoder.Value()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if val == nil {
|
||||
break
|
||||
}
|
||||
{
|
||||
xtv := string(val)
|
||||
sv.SourceIdentity = ptr.String(xtv)
|
||||
}
|
||||
|
||||
default:
|
||||
// Do nothing and ignore the unexpected tag element
|
||||
err = decoder.Decoder.Skip()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
}
|
||||
decoder = originalDecoder
|
||||
}
|
||||
*v = sv
|
||||
return nil
|
||||
}
|
||||
|
||||
func awsAwsquery_deserializeOpDocumentDecodeAuthorizationMessageOutput(v **DecodeAuthorizationMessageOutput, decoder smithyxml.NodeDecoder) error {
|
||||
if v == nil {
|
||||
return fmt.Errorf("unexpected nil of type %T", v)
|
||||
|
1
vendor/github.com/aws/aws-sdk-go-v2/service/sts/generated.json
generated
vendored
1
vendor/github.com/aws/aws-sdk-go-v2/service/sts/generated.json
generated
vendored
@ -13,6 +13,7 @@
|
||||
"api_op_AssumeRole.go",
|
||||
"api_op_AssumeRoleWithSAML.go",
|
||||
"api_op_AssumeRoleWithWebIdentity.go",
|
||||
"api_op_AssumeRoot.go",
|
||||
"api_op_DecodeAuthorizationMessage.go",
|
||||
"api_op_GetAccessKeyInfo.go",
|
||||
"api_op_GetCallerIdentity.go",
|
||||
|
2
vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go
generated
vendored
@ -3,4 +3,4 @@
|
||||
package sts
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.32.4"
|
||||
const goModuleVersion = "1.33.1"
|
||||
|
94
vendor/github.com/aws/aws-sdk-go-v2/service/sts/serializers.go
generated
vendored
94
vendor/github.com/aws/aws-sdk-go-v2/service/sts/serializers.go
generated
vendored
@ -226,6 +226,76 @@ func (m *awsAwsquery_serializeOpAssumeRoleWithWebIdentity) HandleSerialize(ctx c
|
||||
return next.HandleSerialize(ctx, in)
|
||||
}
|
||||
|
||||
type awsAwsquery_serializeOpAssumeRoot struct {
|
||||
}
|
||||
|
||||
func (*awsAwsquery_serializeOpAssumeRoot) ID() string {
|
||||
return "OperationSerializer"
|
||||
}
|
||||
|
||||
func (m *awsAwsquery_serializeOpAssumeRoot) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
|
||||
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
|
||||
) {
|
||||
_, span := tracing.StartSpan(ctx, "OperationSerializer")
|
||||
endTimer := startMetricTimer(ctx, "client.call.serialization_duration")
|
||||
defer endTimer()
|
||||
defer span.End()
|
||||
request, ok := in.Request.(*smithyhttp.Request)
|
||||
if !ok {
|
||||
return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)}
|
||||
}
|
||||
|
||||
input, ok := in.Parameters.(*AssumeRootInput)
|
||||
_ = input
|
||||
if !ok {
|
||||
return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)}
|
||||
}
|
||||
|
||||
operationPath := "/"
|
||||
if len(request.Request.URL.Path) == 0 {
|
||||
request.Request.URL.Path = operationPath
|
||||
} else {
|
||||
request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath)
|
||||
if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' {
|
||||
request.Request.URL.Path += "/"
|
||||
}
|
||||
}
|
||||
request.Request.Method = "POST"
|
||||
httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header)
|
||||
if err != nil {
|
||||
return out, metadata, &smithy.SerializationError{Err: err}
|
||||
}
|
||||
httpBindingEncoder.SetHeader("Content-Type").String("application/x-www-form-urlencoded")
|
||||
|
||||
bodyWriter := bytes.NewBuffer(nil)
|
||||
bodyEncoder := query.NewEncoder(bodyWriter)
|
||||
body := bodyEncoder.Object()
|
||||
body.Key("Action").String("AssumeRoot")
|
||||
body.Key("Version").String("2011-06-15")
|
||||
|
||||
if err := awsAwsquery_serializeOpDocumentAssumeRootInput(input, bodyEncoder.Value); err != nil {
|
||||
return out, metadata, &smithy.SerializationError{Err: err}
|
||||
}
|
||||
|
||||
err = bodyEncoder.Encode()
|
||||
if err != nil {
|
||||
return out, metadata, &smithy.SerializationError{Err: err}
|
||||
}
|
||||
|
||||
if request, err = request.SetStream(bytes.NewReader(bodyWriter.Bytes())); err != nil {
|
||||
return out, metadata, &smithy.SerializationError{Err: err}
|
||||
}
|
||||
|
||||
if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil {
|
||||
return out, metadata, &smithy.SerializationError{Err: err}
|
||||
}
|
||||
in.Request = request
|
||||
|
||||
endTimer()
|
||||
span.End()
|
||||
return next.HandleSerialize(ctx, in)
|
||||
}
|
||||
|
||||
type awsAwsquery_serializeOpDecodeAuthorizationMessage struct {
|
||||
}
|
||||
|
||||
@ -821,6 +891,30 @@ func awsAwsquery_serializeOpDocumentAssumeRoleWithWebIdentityInput(v *AssumeRole
|
||||
return nil
|
||||
}
|
||||
|
||||
func awsAwsquery_serializeOpDocumentAssumeRootInput(v *AssumeRootInput, value query.Value) error {
|
||||
object := value.Object()
|
||||
_ = object
|
||||
|
||||
if v.DurationSeconds != nil {
|
||||
objectKey := object.Key("DurationSeconds")
|
||||
objectKey.Integer(*v.DurationSeconds)
|
||||
}
|
||||
|
||||
if v.TargetPrincipal != nil {
|
||||
objectKey := object.Key("TargetPrincipal")
|
||||
objectKey.String(*v.TargetPrincipal)
|
||||
}
|
||||
|
||||
if v.TaskPolicyArn != nil {
|
||||
objectKey := object.Key("TaskPolicyArn")
|
||||
if err := awsAwsquery_serializeDocumentPolicyDescriptorType(v.TaskPolicyArn, objectKey); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func awsAwsquery_serializeOpDocumentDecodeAuthorizationMessageInput(v *DecodeAuthorizationMessageInput, value query.Value) error {
|
||||
object := value.Object()
|
||||
_ = object
|
||||
|
8
vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/errors.go
generated
vendored
8
vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/errors.go
generated
vendored
@ -95,8 +95,8 @@ func (e *IDPRejectedClaimException) ErrorCode() string {
|
||||
func (e *IDPRejectedClaimException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
|
||||
|
||||
// The error returned if the message passed to DecodeAuthorizationMessage was
|
||||
// invalid. This can happen if the token contains invalid characters, such as
|
||||
// linebreaks.
|
||||
// invalid. This can happen if the token contains invalid characters, such as line
|
||||
// breaks, or if the message has expired.
|
||||
type InvalidAuthorizationMessageException struct {
|
||||
Message *string
|
||||
|
||||
@ -218,10 +218,10 @@ func (e *PackedPolicyTooLargeException) ErrorFault() smithy.ErrorFault { return
|
||||
|
||||
// STS is not activated in the requested region for the account that is being
|
||||
// asked to generate credentials. The account administrator must use the IAM
|
||||
// console to activate STS in that region. For more information, see [Activating and Deactivating Amazon Web Services STS in an Amazon Web Services Region]in the IAM
|
||||
// console to activate STS in that region. For more information, see [Activating and Deactivating STS in an Amazon Web Services Region]in the IAM
|
||||
// User Guide.
|
||||
//
|
||||
// [Activating and Deactivating Amazon Web Services STS in an Amazon Web Services Region]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html
|
||||
// [Activating and Deactivating STS in an Amazon Web Services Region]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html
|
||||
type RegionDisabledException struct {
|
||||
Message *string
|
||||
|
||||
|
42
vendor/github.com/aws/aws-sdk-go-v2/service/sts/validators.go
generated
vendored
42
vendor/github.com/aws/aws-sdk-go-v2/service/sts/validators.go
generated
vendored
@ -70,6 +70,26 @@ func (m *validateOpAssumeRoleWithWebIdentity) HandleInitialize(ctx context.Conte
|
||||
return next.HandleInitialize(ctx, in)
|
||||
}
|
||||
|
||||
type validateOpAssumeRoot struct {
|
||||
}
|
||||
|
||||
func (*validateOpAssumeRoot) ID() string {
|
||||
return "OperationInputValidation"
|
||||
}
|
||||
|
||||
func (m *validateOpAssumeRoot) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) (
|
||||
out middleware.InitializeOutput, metadata middleware.Metadata, err error,
|
||||
) {
|
||||
input, ok := in.Parameters.(*AssumeRootInput)
|
||||
if !ok {
|
||||
return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters)
|
||||
}
|
||||
if err := validateOpAssumeRootInput(input); err != nil {
|
||||
return out, metadata, err
|
||||
}
|
||||
return next.HandleInitialize(ctx, in)
|
||||
}
|
||||
|
||||
type validateOpDecodeAuthorizationMessage struct {
|
||||
}
|
||||
|
||||
@ -142,6 +162,10 @@ func addOpAssumeRoleWithWebIdentityValidationMiddleware(stack *middleware.Stack)
|
||||
return stack.Initialize.Add(&validateOpAssumeRoleWithWebIdentity{}, middleware.After)
|
||||
}
|
||||
|
||||
func addOpAssumeRootValidationMiddleware(stack *middleware.Stack) error {
|
||||
return stack.Initialize.Add(&validateOpAssumeRoot{}, middleware.After)
|
||||
}
|
||||
|
||||
func addOpDecodeAuthorizationMessageValidationMiddleware(stack *middleware.Stack) error {
|
||||
return stack.Initialize.Add(&validateOpDecodeAuthorizationMessage{}, middleware.After)
|
||||
}
|
||||
@ -254,6 +278,24 @@ func validateOpAssumeRoleWithWebIdentityInput(v *AssumeRoleWithWebIdentityInput)
|
||||
}
|
||||
}
|
||||
|
||||
func validateOpAssumeRootInput(v *AssumeRootInput) error {
|
||||
if v == nil {
|
||||
return nil
|
||||
}
|
||||
invalidParams := smithy.InvalidParamsError{Context: "AssumeRootInput"}
|
||||
if v.TargetPrincipal == nil {
|
||||
invalidParams.Add(smithy.NewErrParamRequired("TargetPrincipal"))
|
||||
}
|
||||
if v.TaskPolicyArn == nil {
|
||||
invalidParams.Add(smithy.NewErrParamRequired("TaskPolicyArn"))
|
||||
}
|
||||
if invalidParams.Len() > 0 {
|
||||
return invalidParams
|
||||
} else {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func validateOpDecodeAuthorizationMessageInput(v *DecodeAuthorizationMessageInput) error {
|
||||
if v == nil {
|
||||
return nil
|
||||
|
9
vendor/github.com/aws/smithy-go/CHANGELOG.md
generated
vendored
9
vendor/github.com/aws/smithy-go/CHANGELOG.md
generated
vendored
@ -1,3 +1,12 @@
|
||||
# Release (2024-11-15)
|
||||
|
||||
## General Highlights
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
## Module Highlights
|
||||
* `github.com/aws/smithy-go`: v1.22.1
|
||||
* **Bug Fix**: Fix failure to replace URI path segments when their names overlap.
|
||||
|
||||
# Release (2024-10-03)
|
||||
|
||||
## General Highlights
|
||||
|
30
vendor/github.com/aws/smithy-go/encoding/httpbinding/path_replace.go
generated
vendored
30
vendor/github.com/aws/smithy-go/encoding/httpbinding/path_replace.go
generated
vendored
@ -22,33 +22,33 @@ func bufCap(b []byte, n int) []byte {
|
||||
// replacePathElement replaces a single element in the path []byte.
|
||||
// Escape is used to control whether the value will be escaped using Amazon path escape style.
|
||||
func replacePathElement(path, fieldBuf []byte, key, val string, escape bool) ([]byte, []byte, error) {
|
||||
fieldBuf = bufCap(fieldBuf, len(key)+3) // { <key> [+] }
|
||||
// search for "{<key>}". If not found, search for the greedy version "{<key>+}". If none are found, return error
|
||||
fieldBuf = bufCap(fieldBuf, len(key)+2) // { <key> }
|
||||
fieldBuf = append(fieldBuf, uriTokenStart)
|
||||
fieldBuf = append(fieldBuf, key...)
|
||||
fieldBuf = append(fieldBuf, uriTokenStop)
|
||||
|
||||
start := bytes.Index(path, fieldBuf)
|
||||
end := start + len(fieldBuf)
|
||||
if start < 0 || len(path[end:]) == 0 {
|
||||
// TODO what to do about error?
|
||||
return path, fieldBuf, fmt.Errorf("invalid path index, start=%d,end=%d. %s", start, end, path)
|
||||
}
|
||||
|
||||
encodeSep := true
|
||||
if path[end] == uriTokenSkip {
|
||||
// '+' token means do not escape slashes
|
||||
if start < 0 {
|
||||
fieldBuf = bufCap(fieldBuf, len(key)+3) // { <key> [+] }
|
||||
fieldBuf = append(fieldBuf, uriTokenStart)
|
||||
fieldBuf = append(fieldBuf, key...)
|
||||
fieldBuf = append(fieldBuf, uriTokenSkip)
|
||||
fieldBuf = append(fieldBuf, uriTokenStop)
|
||||
|
||||
start = bytes.Index(path, fieldBuf)
|
||||
if start < 0 {
|
||||
return path, fieldBuf, fmt.Errorf("invalid path index, start=%d. %s", start, path)
|
||||
}
|
||||
encodeSep = false
|
||||
end++
|
||||
}
|
||||
end := start + len(fieldBuf)
|
||||
|
||||
if escape {
|
||||
val = EscapePath(val, encodeSep)
|
||||
}
|
||||
|
||||
if path[end] != uriTokenStop {
|
||||
return path, fieldBuf, fmt.Errorf("invalid path element, does not contain token stop, %s", path)
|
||||
}
|
||||
end++
|
||||
|
||||
fieldBuf = bufCap(fieldBuf, len(val))
|
||||
fieldBuf = append(fieldBuf, val...)
|
||||
|
||||
|
2
vendor/github.com/aws/smithy-go/go_module_metadata.go
generated
vendored
2
vendor/github.com/aws/smithy-go/go_module_metadata.go
generated
vendored
@ -3,4 +3,4 @@
|
||||
package smithy
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.22.0"
|
||||
const goModuleVersion = "1.22.1"
|
||||
|
14
vendor/modules.txt
vendored
14
vendor/modules.txt
vendored
@ -126,7 +126,7 @@ github.com/aws/aws-sdk-go/service/sso/ssoiface
|
||||
github.com/aws/aws-sdk-go/service/ssooidc
|
||||
github.com/aws/aws-sdk-go/service/sts
|
||||
github.com/aws/aws-sdk-go/service/sts/stsiface
|
||||
# github.com/aws/aws-sdk-go-v2 v1.32.4
|
||||
# github.com/aws/aws-sdk-go-v2 v1.32.5
|
||||
## explicit; go 1.21
|
||||
github.com/aws/aws-sdk-go-v2/aws
|
||||
github.com/aws/aws-sdk-go-v2/aws/defaults
|
||||
@ -149,24 +149,24 @@ github.com/aws/aws-sdk-go-v2/internal/sdk
|
||||
github.com/aws/aws-sdk-go-v2/internal/strings
|
||||
github.com/aws/aws-sdk-go-v2/internal/sync/singleflight
|
||||
github.com/aws/aws-sdk-go-v2/internal/timeconv
|
||||
# github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.23
|
||||
# github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.24
|
||||
## explicit; go 1.21
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources
|
||||
# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.23
|
||||
# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.24
|
||||
## explicit; go 1.21
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2
|
||||
# github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0
|
||||
# github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1
|
||||
## explicit; go 1.21
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding
|
||||
# github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.4
|
||||
# github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.5
|
||||
## explicit; go 1.21
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url
|
||||
# github.com/aws/aws-sdk-go-v2/service/sts v1.32.4
|
||||
# github.com/aws/aws-sdk-go-v2/service/sts v1.33.1
|
||||
## explicit; go 1.21
|
||||
github.com/aws/aws-sdk-go-v2/service/sts
|
||||
github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints
|
||||
github.com/aws/aws-sdk-go-v2/service/sts/types
|
||||
# github.com/aws/smithy-go v1.22.0
|
||||
# github.com/aws/smithy-go v1.22.1
|
||||
## explicit; go 1.21
|
||||
github.com/aws/smithy-go
|
||||
github.com/aws/smithy-go/auth
|
||||
|
Loading…
Reference in New Issue
Block a user