Merge pull request #132 from ceph/devel

Sync downstream devel
OpenShift Merge Robot 2022-09-14 17:50:27 +02:00 committed by GitHub
commit f234e552be
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
38 changed files with 2199 additions and 260 deletions


@ -56,12 +56,10 @@ environments.
| Ceph CSI Version | Container Orchestrator Name | Version Tested|
| -----------------| --------------------------- | --------------|
| v3.7.1 | Kubernetes | v1.22, v1.23, v1.24|
| v3.7.0 | Kubernetes | v1.22, v1.23, v1.24|
| v3.6.1 | Kubernetes | v1.21, v1.22, v1.23|
| v3.6.0 | Kubernetes | v1.21, v1.22, v1.23|
| v3.5.1 | Kubernetes | v1.21, v1.22, v1.23|
| v3.5.0 | Kubernetes | v1.21, v1.22, v1.23|
| v3.4.0 | Kubernetes | v1.20, v1.21, v1.22|
There is work in progress to make this CO-independent and thus
support other orchestration environments (Nomad, Mesos..etc).
@ -132,14 +130,15 @@ in the Kubernetes documentation.
| Ceph CSI Release/Branch | Container image name | Image Tag |
| ----------------------- | ---------------------------- | --------- |
| devel (Branch) | quay.io/cephcsi/cephcsi | canary |
| v3.7.1 (Release) | quay.io/cephcsi/cephcsi | v3.7.1 |
| v3.7.0 (Release) | quay.io/cephcsi/cephcsi | v3.7.0 |
| v3.6.1 (Release) | quay.io/cephcsi/cephcsi | v3.6.1 |
| v3.6.0 (Release) | quay.io/cephcsi/cephcsi | v3.6.0 |
| v3.5.1 (Release) | quay.io/cephcsi/cephcsi | v3.5.1 |
| v3.5.0 (Release) | quay.io/cephcsi/cephcsi | v3.5.0 |
| Deprecated Ceph CSI Release/Branch | Container image name | Image Tag |
| ----------------------- | --------------------------------| --------- |
| v3.5.1 (Release) | quay.io/cephcsi/cephcsi | v3.5.1 |
| v3.5.0 (Release) | quay.io/cephcsi/cephcsi | v3.5.0 |
| v3.4.0 (Release) | quay.io/cephcsi/cephcsi | v3.4.0 |
| v3.3.1 (Release) | quay.io/cephcsi/cephcsi | v3.3.1 |
| v3.3.0 (Release) | quay.io/cephcsi/cephcsi | v3.3.0 |


@ -106,12 +106,12 @@ compatibility support and without prior notice.
**Also, we do not recommend any direct upgrades to 3.7 except from 3.6 to 3.7.**
For example, upgrading from 3.5 to 3.7 is not recommended.
git checkout v3.7.0 tag
git checkout v3.7.1 tag
```bash
git clone https://github.com/ceph/ceph-csi.git
cd ./ceph-csi
git checkout v3.7.0
git checkout v3.7.1
```
```console

16
go.mod

@ -3,9 +3,9 @@ module github.com/ceph/ceph-csi
go 1.17
require (
github.com/IBM/keyprotect-go-client v0.8.0
github.com/aws/aws-sdk-go v1.44.82
github.com/aws/aws-sdk-go-v2/service/sts v1.16.13
github.com/IBM/keyprotect-go-client v0.8.1
github.com/aws/aws-sdk-go v1.44.96
github.com/aws/aws-sdk-go-v2/service/sts v1.16.17
github.com/ceph/ceph-csi/api v0.0.0-00010101000000-000000000000
// TODO: API for managing subvolume metadata and snapshot metadata requires `ceph_ci_untested` build-tag
github.com/ceph/go-ceph v0.17.0
@ -51,11 +51,11 @@ require (
github.com/ansel1/merry/v2 v2.0.1 // indirect
github.com/armon/go-metrics v0.3.9 // indirect
github.com/armon/go-radix v1.0.0 // indirect
github.com/aws/aws-sdk-go-v2 v1.16.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.18 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.12 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.12 // indirect
github.com/aws/smithy-go v1.12.1 // indirect
github.com/aws/aws-sdk-go-v2 v1.16.14 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.21 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.15 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.15 // indirect
github.com/aws/smithy-go v1.13.2 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/blang/semver/v4 v4.0.0 // indirect
github.com/cenkalti/backoff/v3 v3.0.0 // indirect

34
go.sum

@ -88,8 +88,8 @@ github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3
github.com/DataDog/zstd v1.4.4/go.mod h1:1jcaCB/ufaK+sKp1NBhlGmpz41jOoPQ35bpF36t7BBo=
github.com/GoogleCloudPlatform/k8s-cloud-provider v1.18.1-0.20220218231025-f11817397a1b/go.mod h1:FNj4KYEAAHfYu68kRYolGoxkaJn+6mdEsaM12VTwuI0=
github.com/IBM/keyprotect-go-client v0.5.1/go.mod h1:5TwDM/4FRJq1ZOlwQL1xFahLWQ3TveR88VmL1u3njyI=
github.com/IBM/keyprotect-go-client v0.8.0 h1:IgLKSigHRpCCl5cZjBkOYziUZ9zxn6w9iRh+KA8Siww=
github.com/IBM/keyprotect-go-client v0.8.0/go.mod h1:yr8h2noNgU8vcbs+vhqoXp3Lmv73PI0zAc6VMgFvWwM=
github.com/IBM/keyprotect-go-client v0.8.1 h1:viTQCtoeWQeDRTe8S0ed++uM4J2uf1DGuQbV9mNTCj8=
github.com/IBM/keyprotect-go-client v0.8.1/go.mod h1:yr8h2noNgU8vcbs+vhqoXp3Lmv73PI0zAc6VMgFvWwM=
github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab/go.mod h1:3VYc5hodBMJ5+l/7J4xAyMeuM2PNuepvHlGs8yilUCA=
github.com/Jeffail/gabs v1.1.1 h1:V0uzR08Hj22EX8+8QMhyI9sX2hwRu+/RJhJUmnwda/E=
github.com/Jeffail/gabs v1.1.1/go.mod h1:6xMvQMK4k33lb7GUUpaAPh6nKMmemQeg5d4gn7/bOXc=
@ -160,20 +160,20 @@ github.com/aws/aws-sdk-go v1.25.41/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpi
github.com/aws/aws-sdk-go v1.35.24/go.mod h1:tlPOdRjfxPBpNIwqDj61rmsnA85v9jc0Ps9+muhnW+k=
github.com/aws/aws-sdk-go v1.38.49/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
github.com/aws/aws-sdk-go v1.44.67/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
github.com/aws/aws-sdk-go v1.44.82 h1:Miji7nHIMxTWfa831nZf8XAcMWGLaT+PvsS6CdbMG7M=
github.com/aws/aws-sdk-go v1.44.82/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
github.com/aws/aws-sdk-go-v2 v1.16.11 h1:xM1ZPSvty3xVmdxiGr7ay/wlqv+MWhH0rMlyLdbC0YQ=
github.com/aws/aws-sdk-go-v2 v1.16.11/go.mod h1:WTACcleLz6VZTp7fak4EO5b9Q4foxbn+8PIz3PmyKlo=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.18 h1:OmiwoVyLKEqqD5GvB683dbSqxiOfvx4U2lDZhG2Esc4=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.18/go.mod h1:348MLhzV1GSlZSMusdwQpXKbhD7X2gbI/TxwAPKkYZQ=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.12 h1:5mvQDtNWtI6H56+E4LUnLWEmATMB7oEh+Z9RurtIuC0=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.12/go.mod h1:ckaCVTEdGAxO6KwTGzgskxR1xM+iJW4lxMyDFVda2Fc=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.12 h1:7iPTTX4SAI2U2VOogD7/gmHlsgnYSgoNHt7MSQXtG2M=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.12/go.mod h1:1TODGhheLWjpQWSuhYuAUWYTCKwEjx2iblIFKDHjeTc=
github.com/aws/aws-sdk-go-v2/service/sts v1.16.13 h1:dl8T0PJlN92rvEGOEUiD0+YPYdPEaCZK0TqHukvSfII=
github.com/aws/aws-sdk-go-v2/service/sts v1.16.13/go.mod h1:Ru3QVMLygVs/07UQ3YDur1AQZZp2tUNje8wfloFttC0=
github.com/aws/smithy-go v1.12.1 h1:yQRC55aXN/y1W10HgwHle01DRuV9Dpf31iGkotjt3Ag=
github.com/aws/smithy-go v1.12.1/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
github.com/aws/aws-sdk-go v1.44.96 h1:S9paaqnJ0AJ95t5AB+iK8RM6YNZN0W0Lek1gOVJsEr8=
github.com/aws/aws-sdk-go v1.44.96/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
github.com/aws/aws-sdk-go-v2 v1.16.14 h1:db6GvO4Z2UqHt5gvT0lr6J5x5P+oQ7bdRzczVaRekMU=
github.com/aws/aws-sdk-go-v2 v1.16.14/go.mod h1:s/G+UV29dECbF5rf+RNj1xhlmvoNurGSr+McVSRj59w=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.21 h1:gRIXnmAVNyoRQywdNtpAkgY+f30QNzgF53Q5OobNZZs=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.21/go.mod h1:XsmHMV9c512xgsW01q7H0ut+UQQQpWX8QsFbdLHDwaU=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.15 h1:noAhOo2mMDyYhTx99aYPvQw16T3fQ/DiKAv9fzpIKH8=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.15/go.mod h1:kjJ4CyD9M3Wq88GYg3IPfj67Rs0Uvz8aXK7MJ8BvE4I=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.15 h1:xlf0J6DUgAj/ocvKQxCmad8Bu1lJuRbt5Wu+4G1xw1g=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.15/go.mod h1:ZVJ7ejRl4+tkWMuCwjXoy0jd8fF5u3RCyWjSVjUIvQE=
github.com/aws/aws-sdk-go-v2/service/sts v1.16.17 h1:LVM2jzEQ8mhb2dhrFl4PJ3sa5+KcKT01dsMk2Ma9/FU=
github.com/aws/aws-sdk-go-v2/service/sts v1.16.17/go.mod h1:bQujK1n0V1D1Gz5uII1jaB1WDvhj4/T3tElsJnVXCR0=
github.com/aws/smithy-go v1.13.2 h1:TBLKyeJfXTrTXRHmsv4qWt9IQGYyWThLYaJWSahTOGE=
github.com/aws/smithy-go v1.13.2/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f/go.mod h1:AuiFmCCPBSrqvVMvuqFuk0qogytodnVFVSN5CeJB8Gc=
github.com/baum/kmip-go v0.0.0-20220714190649-7b37ecf92eb2/go.mod h1:5WlKRqL5dfI68V56W+4ZmlPSL+TSfqQrKJYI8CSJz+E=
github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM=
@ -278,8 +278,6 @@ github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ
github.com/csi-addons/replication-lib-utils v0.2.0 h1:tGs42wfjkObbBo/98a3uxTFWEJ1dq5PIMqPWtdLd040=
github.com/csi-addons/replication-lib-utils v0.2.0/go.mod h1:ROQlEsc2EerVtc/K/C+6Hx8pqaQ9MVy9xFFpyKfI9lc=
github.com/csi-addons/spec v0.1.0/go.mod h1:Mwq4iLiUV4s+K1bszcWU6aMsR5KPsbIYzzszJ6+56vI=
github.com/csi-addons/spec v0.1.2-0.20220829042231-b27a0d84b50b h1:C5KgryC4RwQVSF8L/pgcKftgn7Z1zHFZlACJukPlCxs=
github.com/csi-addons/spec v0.1.2-0.20220829042231-b27a0d84b50b/go.mod h1:Mwq4iLiUV4s+K1bszcWU6aMsR5KPsbIYzzszJ6+56vI=
github.com/csi-addons/spec v0.1.2-0.20220906123848-52ce69f90900 h1:zX0138DipZsZqxK1UwAmaRZmL89OuQMkwh7FtvTDgFw=
github.com/csi-addons/spec v0.1.2-0.20220906123848-52ce69f90900/go.mod h1:Mwq4iLiUV4s+K1bszcWU6aMsR5KPsbIYzzszJ6+56vI=
github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=


@ -898,14 +898,14 @@ func (rs *ReplicationServer) GetVolumeReplicationInfo(ctx context.Context,
return nil, status.Error(codes.Internal, err.Error())
}
localStatus, err := mirrorStatus.LocalStatus()
remoteStatus, err := RemoteStatus(mirrorStatus)
if err != nil {
log.ErrorLog(ctx, err.Error())
return nil, fmt.Errorf("failed to get local status: %w", err)
return nil, fmt.Errorf("failed to get remote status: %w", err)
}
description := localStatus.Description
description := remoteStatus.Description
lastSyncTime, err := getLastSyncTime(description)
if err != nil {
return nil, fmt.Errorf("failed to get last sync time: %w", err)
@ -918,6 +918,26 @@ func (rs *ReplicationServer) GetVolumeReplicationInfo(ctx context.Context,
return resp, nil
}
// RemoteStatus returns one SiteMirrorImageStatus item from the SiteStatuses
// slice that corresponds to the remote site's status. If the remote status
// is not found than the error ErrNotExist will be returned.
func RemoteStatus(gmis *librbd.GlobalMirrorImageStatus) (librbd.SiteMirrorImageStatus, error) {
var (
ss librbd.SiteMirrorImageStatus
err error = librbd.ErrNotExist
)
for i := range gmis.SiteStatuses {
if gmis.SiteStatuses[i].MirrorUUID != "" {
ss = gmis.SiteStatuses[i]
err = nil
break
}
}
return ss, err
}
// This function gets the local snapshot time from the description
// of localStatus and converts it into required type.
func getLastSyncTime(description string) (*timestamppb.Timestamp, error) {
@ -930,6 +950,9 @@ func getLastSyncTime(description string) (*timestamppb.Timestamp, error) {
return nil, nil
}
splittedString := strings.SplitN(description, ",", 2)
if len(splittedString) == 1 {
return nil, nil
}
type localStatus struct {
LocalSnapshotTime int64 `json:"local_snapshot_timestamp"`
}
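Review bot: The new `RemoteStatus` error path in `GetVolumeReplicationInfo` still returns a bare `fmt.Errorf("failed to get remote status: %w", err)`, so when no remote site is present the gRPC caller sees `codes.Unknown` instead of a deliberate status like the `status.Error(codes.Internal, ...)` return just above it. Consider mapping the `librbd.ErrNotExist` case explicitly, for example `return nil, status.Errorf(codes.NotFound, "failed to get remote status: %v", err)`, assuming NotFound is the code the callers of this RPC expect. `RemoteStatus` also takes the first `SiteStatuses` entry with a non-empty `MirrorUUID` and stops, so with more than one peer the last sync time comes from whichever entry is listed first; its doc comment should say that (and read "then", not "than"). The comment above `getLastSyncTime` still says the description is "of localStatus", which is stale now that the remote description is passed in. Both `GetVolumeReplicationInfo` and `getLastSyncTime` start or end outside the visible hunks.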


@ -469,6 +469,12 @@ func TestValidateLastSyncTime(t *testing.T) {
nil,
"failed to unmarshal description",
},
{
"description with no JSON",
`replaying`,
nil,
"",
},
}
for _, tt := range tests {
tt := tt


@ -27,7 +27,7 @@ This client expects that you have an existing IBM Cloud Key Protect Service Inst
Build a client with `ClientConfig` and `New`, then use the client to do some operations.
```go
import "github.com/IBM/keyprotect-go-client"
import kp "github.com/IBM/keyprotect-go-client"
// Use your IAM API Key and your KeyProtect Service Instance GUID/UUID to create a ClientConfig
cc := kp.ClientConfig{
@ -214,3 +214,56 @@ if err != nil {
}
fmt.Println(keys)
```
### Fetching List Key In Sorted Ascending Order Based On Paramaeters.
```go
srtStr, _ := kp.GetKeySortStr(kp.WithCreationDate(), kp.WithImported())
listKeysOptions := &kp.ListKeysOptions{
Sort:srtStr,
}
keys, err := client.ListKeys(ctx, listKeysOptions)
if err != nil {
fmt.Println(err)
}
fmt.Println(keys)
```
### Fetching List Key In Sorted Descending Order Based On Paramaeters.
```go
srtStr, _ := GetKeySortStr(WithCreationDateDesc(), WithImportedDesc())
listKeysOptions := &ListKeysOptions{
Sort: srtStr,
}
keys, err := client.ListKeys(ctx, listKeysOptions)
if err != nil {
fmt.Println(err)
}
fmt.Println(keys)
```
For more information about KeySearch visit: https://cloud.ibm.com/apidocs/key-protect#kp-get-key-search-api
### Using Search functionality in list Keys API
```go
searchStr := "foobar"
srcStr2, _ := kp.GetKeySearchQuery(&searchStr, kp.ApplyNot(), kp.AddAliasScope())
listKeysOptions := &kp.ListKeysOptions{
Search: srcStr2,
}
keys, err := client.ListKeys(ctx, listKeysOptions)
if err != nil {
fmt.Println(err)
}
fmt.Println(keys)
```


@ -21,7 +21,6 @@ import (
"log"
"net/url"
"strconv"
"strings"
"time"
)
@ -286,55 +285,6 @@ func (c *Client) GetKeys(ctx context.Context, limit int, offset int) (*Keys, err
return &keys, nil
}
//ListKeysOptions struct to add the query parameters for the List Keys function
type ListKeysOptions struct {
Extractable *bool
Limit *uint32
Offset *uint32
State []KeyState
}
// ListKeys retrieves a list of keys that are stored in your Key Protect service instance.
// https://cloud.ibm.com/apidocs/key-protect#getkeys
func (c *Client) ListKeys(ctx context.Context, listKeysOptions *ListKeysOptions) (*Keys, error) {
req, err := c.newRequest("GET", "keys", nil)
if err != nil {
return nil, err
}
// extracting the query parameters and encoding the same in the request url
if listKeysOptions != nil {
values := req.URL.Query()
if listKeysOptions.Limit != nil {
values.Set("limit", fmt.Sprint(*listKeysOptions.Limit))
}
if listKeysOptions.Offset != nil {
values.Set("offset", fmt.Sprint(*listKeysOptions.Offset))
}
if listKeysOptions.State != nil {
var states []string
for _, i := range listKeysOptions.State {
states = append(states, strconv.Itoa(int(i)))
}
values.Set("state", strings.Join(states, ","))
}
if listKeysOptions.Extractable != nil {
values.Set("extractable", fmt.Sprint(*listKeysOptions.Extractable))
}
req.URL.RawQuery = values.Encode()
}
keys := Keys{}
_, err = c.do(ctx, req, &keys)
if err != nil {
return nil, err
}
return &keys, nil
}
// GetKey retrieves a key by ID or alias name.
// For more information on Key Alias please refer to the link below
// https://cloud.ibm.com/docs/key-protect?topic=key-protect-retrieve-key

213
vendor/github.com/IBM/keyprotect-go-client/listkeys.go generated vendored Normal file

@ -0,0 +1,213 @@
// Copyright 2019 IBM Corp.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// keyprotect-go-client is a Go client library for interacting with the IBM KeyProtect service.
package kp
import (
"context"
"fmt"
"strconv"
"strings"
)
//ListKeysOptions struct to add the query parameters for the List Keys function
type ListKeysOptions struct {
Extractable *bool
Limit *uint32
Offset *uint32
State []KeyState
Sort *string
Search *string
}
// ListKeys retrieves a list of keys that are stored in your Key Protect service instance.
// https://cloud.ibm.com/apidocs/key-protect#getkeys
func (c *Client) ListKeys(ctx context.Context, listKeysOptions *ListKeysOptions) (*Keys, error) {
req, err := c.newRequest("GET", "keys", nil)
if err != nil {
return nil, err
}
// extracting the query parameters and encoding the same in the request url
if listKeysOptions != nil {
values := req.URL.Query()
if listKeysOptions.Limit != nil {
values.Set("limit", fmt.Sprint(*listKeysOptions.Limit))
}
if listKeysOptions.Offset != nil {
values.Set("offset", fmt.Sprint(*listKeysOptions.Offset))
}
if listKeysOptions.State != nil {
var states []string
for _, i := range listKeysOptions.State {
states = append(states, strconv.Itoa(int(i)))
}
values.Set("state", strings.Join(states, ","))
}
if listKeysOptions.Extractable != nil {
values.Set("extractable", fmt.Sprint(*listKeysOptions.Extractable))
}
if listKeysOptions.Search != nil {
values.Set("search", fmt.Sprint(*listKeysOptions.Search, ","))
}
if listKeysOptions.Sort != nil {
values.Set("sort", fmt.Sprint(*listKeysOptions.Sort))
}
req.URL.RawQuery = values.Encode()
}
keys := Keys{}
_, err = c.do(ctx, req, &keys)
if err != nil {
return nil, err
}
return &keys, nil
}
type SortByOpts func(s *string)
// sort related funcs
func GetKeySortStr(opts ...SortByOpts) *string {
sortStr := ""
for _, opt := range opts {
opt(&sortStr)
}
return &sortStr
}
func buildSortOpts(val string) SortByOpts {
return func(s *string) {
*s += "," + val
// remove the extra comma appended in the begining of the string
*s = strings.TrimLeft(*s, ",")
}
}
// sort by id
func WithID() SortByOpts {
return buildSortOpts("id")
}
func WithIDDesc() SortByOpts {
return buildSortOpts("-id")
}
// sort by creation date
func WithCreationDate() SortByOpts {
return buildSortOpts("creationDate")
}
func WithCreationDateDesc() SortByOpts {
return buildSortOpts("-creationDate")
}
// sort by deletionDate
func WithDeletionDate() SortByOpts {
return buildSortOpts("deletionDate")
}
func WithDeletionDateDesc() SortByOpts {
return buildSortOpts("-deletionDate")
}
// sort by expirationDate
func WithExpirationDate() SortByOpts {
return buildSortOpts("expirationDate")
}
func WithExpirationDateDesc() SortByOpts {
return buildSortOpts("-expirationDate")
}
// sort by extractable
func WithExtractable() SortByOpts {
return buildSortOpts("extractable")
}
func WithExtractableDesc() SortByOpts {
return buildSortOpts("-extractable")
}
// sort by imported
func WithImported() SortByOpts {
return buildSortOpts("imported")
}
func WithImportedDesc() SortByOpts {
return buildSortOpts("-imported")
}
// sort by lastRotateDate
func WithLastRotateDate() SortByOpts {
return buildSortOpts("lastRotateDate")
}
func WithLastRotateDateDesc() SortByOpts {
return buildSortOpts("-lastRotateDate")
}
// sort by lastUpdateDate
func WithLastUpdateDate() SortByOpts {
return buildSortOpts("lastUpdateDate")
}
func WithLastUpdateDateDesc() SortByOpts {
return buildSortOpts("-lastUpdateDate")
}
// sort by state
func WithState() SortByOpts {
return buildSortOpts("state")
}
func WithStateDesc() SortByOpts {
return buildSortOpts("-state")
}
type SearchOpts func(s *string)
func GetKeySearchQuery(searchStr *string, opts ...SearchOpts) (*string, error) {
for _, opt := range opts {
opt(searchStr)
}
return searchStr, nil
}
func buildSearcOpts(val string) SearchOpts {
return func(s *string) {
*s = val + ":" + *s
}
}
func WithExactMatch() SearchOpts {
return buildSearcOpts("exact")
}
func AddEscape() SearchOpts {
return buildSearcOpts("escape")
}
func ApplyNot() SearchOpts {
return buildSearcOpts("not")
}
func AddAliasScope() SearchOpts {
return buildSearcOpts("alias")
}
func AddKeyNameScope() SearchOpts {
return buildSearcOpts("name")
}


@ -3,13 +3,14 @@ package aws
import (
"net/http"
smithybearer "github.com/aws/smithy-go/auth/bearer"
"github.com/aws/smithy-go/logging"
"github.com/aws/smithy-go/middleware"
)
// HTTPClient provides the interface to provide custom HTTPClients. Generally
// *http.Client is sufficient for most use cases. The HTTPClient should not
// follow redirects.
// follow 301 or 302 redirects.
type HTTPClient interface {
Do(*http.Request) (*http.Response, error)
}
@ -30,6 +31,18 @@ type Config struct {
// variables, shared credential file, and EC2 Instance Roles.
Credentials CredentialsProvider
// The Bearer Authentication token provider to use for authenticating API
// operation calls with a Bearer Authentication token. The API clients and
// operation must support Bearer Authentication scheme in order for the
// token provider to be used. API clients created with NewFromConfig will
// automatically be configured with this option, if the API client support
// Bearer Authentication.
//
// The SDK's config.LoadDefaultConfig can automatically populate this
// option for external configuration options such as SSO session.
// https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html
BearerAuthTokenProvider smithybearer.TokenProvider
// The HTTP Client the SDK's API clients will use to invoke HTTP requests.
// The SDK defaults to a BuildableClient allowing API clients to create
// copies of the HTTP Client for service specific customizations.


@ -3,4 +3,4 @@
package aws
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.16.11"
const goModuleVersion = "1.16.14"


@ -82,7 +82,7 @@ func (m *dynamicPayloadSigningMiddleware) HandleBuild(
}
// if TLS is enabled, use unsigned payload when supported
if strings.EqualFold(req.URL.Scheme, "https") {
if req.IsHTTPS() {
return (&unsignedPayload{}).HandleBuild(ctx, in, next)
}


@ -1,3 +1,15 @@
# v1.1.21 (2022-09-02)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.1.20 (2022-08-31)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.1.19 (2022-08-29)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.1.18 (2022-08-11)
* **Dependency Update**: Updated to the latest SDK module versions


@ -3,4 +3,4 @@
package configsources
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.1.18"
const goModuleVersion = "1.1.21"


@ -1,3 +1,15 @@
# v2.4.15 (2022-09-02)
* **Dependency Update**: Updated to the latest SDK module versions
# v2.4.14 (2022-08-31)
* **Dependency Update**: Updated to the latest SDK module versions
# v2.4.13 (2022-08-29)
* **Dependency Update**: Updated to the latest SDK module versions
# v2.4.12 (2022-08-11)
* **Dependency Update**: Updated to the latest SDK module versions


@ -3,4 +3,4 @@
package endpoints
// goModuleVersion is the tagged release for this module
const goModuleVersion = "2.4.12"
const goModuleVersion = "2.4.15"


@ -1,3 +1,15 @@
# v1.9.15 (2022-09-02)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.9.14 (2022-08-31)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.9.13 (2022-08-29)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.9.12 (2022-08-11)
* **Dependency Update**: Updated to the latest SDK module versions


@ -3,4 +3,4 @@
package presignedurl
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.9.12"
const goModuleVersion = "1.9.15"


@ -1,3 +1,19 @@
# v1.16.17 (2022-09-02)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.16.16 (2022-08-31)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.16.15 (2022-08-30)
* No change notes available for this release.
# v1.16.14 (2022-08-29)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.16.13 (2022-08-11)
* **Dependency Update**: Updated to the latest SDK module versions


@ -3,4 +3,4 @@
package sts
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.16.13"
const goModuleVersion = "1.16.17"


@ -191,6 +191,9 @@ var defaultPartitions = endpoints.Partitions{
endpoints.EndpointKey{
Region: "eu-west-3",
}: endpoints.Endpoint{},
endpoints.EndpointKey{
Region: "me-central-1",
}: endpoints.Endpoint{},
endpoints.EndpointKey{
Region: "me-south-1",
}: endpoints.Endpoint{},

File diff suppressed because it is too large Load Diff


@ -5,4 +5,4 @@ package aws
const SDKName = "aws-sdk-go"
// SDKVersion is the version of this SDK
const SDKVersion = "1.44.82"
const SDKVersion = "1.44.96"


@ -2182,9 +2182,8 @@ func (c *EC2) AttachClassicLinkVpcRequest(input *AttachClassicLinkVpcInput) (req
// AttachClassicLinkVpc API operation for Amazon Elastic Compute Cloud.
//
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Links an EC2-Classic instance to a ClassicLink-enabled VPC through one or
@ -4553,9 +4552,8 @@ func (c *EC2) CreateDefaultVpcRequest(input *CreateDefaultVpcInput) (req *reques
// VPC in a Region that supports EC2-Classic, see "I really want a default VPC
// for my existing EC2 account. Is that possible?" in the Default VPCs FAQ (http://aws.amazon.com/vpc/faqs/#Default_VPCs).
//
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
@ -16412,9 +16410,8 @@ func (c *EC2) DescribeClassicLinkInstancesRequest(input *DescribeClassicLinkInst
// ClassicLink. You cannot use this request to return information about other
// instances.
//
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
@ -18571,9 +18568,11 @@ func (c *EC2) DescribeFlowLogsRequest(input *DescribeFlowLogsInput) (req *reques
// DescribeFlowLogs API operation for Amazon Elastic Compute Cloud.
//
// Describes one or more flow logs. To view the information in your flow logs
// (the log streams for the network interfaces), you must use the CloudWatch
// Logs console or the CloudWatch Logs API.
// Describes one or more flow logs.
//
// To view the published flow log records, you must view the log destination.
// For example, the CloudWatch Logs log group, the Amazon S3 bucket, or the
// Kinesis Data Firehose delivery stream.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@ -30128,9 +30127,8 @@ func (c *EC2) DescribeVpcClassicLinkRequest(input *DescribeVpcClassicLinkInput)
//
// Describes the ClassicLink status of one or more VPCs.
//
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
@ -30210,9 +30208,8 @@ func (c *EC2) DescribeVpcClassicLinkDnsSupportRequest(input *DescribeVpcClassicL
// DescribeVpcClassicLinkDnsSupport API operation for Amazon Elastic Compute Cloud.
//
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Describes the ClassicLink DNS support status of one or more VPCs. If enabled,
@ -31490,9 +31487,8 @@ func (c *EC2) DetachClassicLinkVpcRequest(input *DetachClassicLinkVpcInput) (req
// DetachClassicLinkVpc API operation for Amazon Elastic Compute Cloud.
//
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Unlinks (detaches) a linked EC2-Classic instance from a VPC. After the instance
@ -32501,9 +32497,8 @@ func (c *EC2) DisableVpcClassicLinkRequest(input *DisableVpcClassicLinkInput) (r
// Disables ClassicLink for a VPC. You cannot disable ClassicLink for a VPC
// that has EC2-Classic instances linked to it.
//
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
@ -32585,9 +32580,8 @@ func (c *EC2) DisableVpcClassicLinkDnsSupportRequest(input *DisableVpcClassicLin
//
// You must specify a VPC ID in the request.
//
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
@ -34292,9 +34286,8 @@ func (c *EC2) EnableVpcClassicLinkRequest(input *EnableVpcClassicLinkInput) (req
// EnableVpcClassicLink API operation for Amazon Elastic Compute Cloud.
//
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Enables a VPC for ClassicLink. You can then link EC2-Classic instances to
@ -34376,9 +34369,8 @@ func (c *EC2) EnableVpcClassicLinkDnsSupportRequest(input *EnableVpcClassicLinkD
// EnableVpcClassicLinkDnsSupport API operation for Amazon Elastic Compute Cloud.
//
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Enables a VPC to support DNS hostname resolution for ClassicLink. If enabled,
@ -43261,9 +43253,8 @@ func (c *EC2) ModifyVpcPeeringConnectionOptionsRequest(input *ModifyVpcPeeringCo
// ModifyVpcPeeringConnectionOptions API operation for Amazon Elastic Compute Cloud.
//
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Modifies the VPC peering connection options on one side of a VPC peering
@ -58074,9 +58065,8 @@ func (s *ClassicLinkDnsSupport) SetVpcId(v string) *ClassicLinkDnsSupport {
return s
}
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Describes a linked EC2-Classic instance.
@ -62689,11 +62679,15 @@ type CreateFlowLogsInput struct {
// of the request. For more information, see How to ensure idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html).
ClientToken *string `type:"string"`
// The ARN for the IAM role that permits Amazon EC2 to publish flow logs to
// a CloudWatch Logs log group in your account.
// The ARN of the IAM role that allows Amazon EC2 to publish flow logs across
// accounts.
DeliverCrossAccountRole *string `type:"string"`
// The ARN of the IAM role that allows Amazon EC2 to publish flow logs to a
// CloudWatch Logs log group in your account.
//
// If you specify LogDestinationType as s3, do not specify DeliverLogsPermissionArn
// or LogGroupName.
// This parameter is required if the destination type is cloud-watch-logs and
// unsupported otherwise.
DeliverLogsPermissionArn *string `type:"string"`
// The destination options.
@ -62705,38 +62699,31 @@ type CreateFlowLogsInput struct {
// it is UnauthorizedOperation.
DryRun *bool `type:"boolean"`
// The destination to which the flow log data is to be published. Flow log data
// can be published to a CloudWatch Logs log group or an Amazon S3 bucket. The
// value specified for this parameter depends on the value specified for LogDestinationType.
// The destination for the flow log data. The meaning of this parameter depends
// on the destination type.
//
// If LogDestinationType is not specified or cloud-watch-logs, specify the Amazon
// Resource Name (ARN) of the CloudWatch Logs log group. For example, to publish
// to a log group called my-logs, specify arn:aws:logs:us-east-1:123456789012:log-group:my-logs.
// Alternatively, use LogGroupName instead.
// * If the destination type is cloud-watch-logs, specify the ARN of a CloudWatch
// Logs log group. For example: arn:aws:logs:region:account_id:log-group:my_group
// Alternatively, use the LogGroupName parameter.
//
// If LogDestinationType is s3, specify the ARN of the Amazon S3 bucket. You
// can also specify a subfolder in the bucket. To specify a subfolder in the
// bucket, use the following ARN format: bucket_ARN/subfolder_name/. For example,
// to specify a subfolder named my-logs in a bucket named my-bucket, use the
// following ARN: arn:aws:s3:::my-bucket/my-logs/. You cannot use AWSLogs as
// a subfolder name. This is a reserved term.
// * If the destination type is s3, specify the ARN of an S3 bucket. For
// example: arn:aws:s3:::my_bucket/my_subfolder/ The subfolder is optional.
// Note that you can't use AWSLogs as a subfolder name.
//
// * If the destination type is kinesis-data-firehose, specify the ARN of
// a Kinesis Data Firehose delivery stream. For example: arn:aws:firehose:region:account_id:deliverystream:my_stream
LogDestination *string `type:"string"`
// The type of destination to which the flow log data is to be published. Flow
// log data can be published to CloudWatch Logs or Amazon S3. To publish flow
// log data to CloudWatch Logs, specify cloud-watch-logs. To publish flow log
// data to Amazon S3, specify s3.
//
// If you specify LogDestinationType as s3, do not specify DeliverLogsPermissionArn
// or LogGroupName.
// The type of destination for the flow log data.
//
// Default: cloud-watch-logs
LogDestinationType *string `type:"string" enum:"LogDestinationType"`
// The fields to include in the flow log record, in the order in which they
// should appear. For a list of available fields, see Flow log records (https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records).
// The fields to include in the flow log record. List the fields in the order
// in which they should appear. For more information about the available fields,
// see Flow log records (https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records).
// If you omit this parameter, the flow log is created using the default format.
// If you specify this parameter, you must specify at least one field.
// If you specify this parameter, you must include at least one field.
//
// Specify the fields using the ${field-id} format, separated by spaces. For
// the CLI, surround this parameter value with single quotes on Linux or double
@ -62746,8 +62733,7 @@ type CreateFlowLogsInput struct {
// The name of a new or existing CloudWatch Logs log group where Amazon EC2
// publishes your flow logs.
//
// If you specify LogDestinationType as s3, do not specify DeliverLogsPermissionArn
// or LogGroupName.
// This parameter is valid only if the destination type is cloud-watch-logs.
LogGroupName *string `type:"string"`
// The maximum interval of time during which a flow of packets is captured and
@ -62761,16 +62747,15 @@ type CreateFlowLogsInput struct {
// Default: 600
MaxAggregationInterval *int64 `type:"integer"`
// The ID of the subnet, network interface, or VPC for which you want to create
// a flow log.
// The IDs of the resources to monitor. For example, if the resource type is
// VPC, specify the IDs of the VPCs.
//
// Constraints: Maximum of 1000 resources
//
// ResourceIds is a required field
ResourceIds []*string `locationName:"ResourceId" locationNameList:"item" type:"list" required:"true"`
// The type of resource for which to create the flow log. For example, if you
// specified a VPC ID for the ResourceId property, specify VPC for this property.
// The type of resource to monitor.
//
// ResourceType is a required field
ResourceType *string `type:"string" required:"true" enum:"FlowLogsResourceType"`
@ -62778,8 +62763,8 @@ type CreateFlowLogsInput struct {
// The tags to apply to the flow logs.
TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"`
// The type of traffic to log. You can log traffic that the resource accepts
// or rejects, or all traffic.
// The type of traffic to monitor (accepted traffic, rejected traffic, or all
// traffic).
TrafficType *string `type:"string" enum:"TrafficType"`
}
@ -62823,6 +62808,12 @@ func (s *CreateFlowLogsInput) SetClientToken(v string) *CreateFlowLogsInput {
return s
}
// SetDeliverCrossAccountRole sets the DeliverCrossAccountRole field's value.
func (s *CreateFlowLogsInput) SetDeliverCrossAccountRole(v string) *CreateFlowLogsInput {
s.DeliverCrossAccountRole = &v
return s
}
// SetDeliverLogsPermissionArn sets the DeliverLogsPermissionArn field's value.
func (s *CreateFlowLogsInput) SetDeliverLogsPermissionArn(v string) *CreateFlowLogsInput {
s.DeliverLogsPermissionArn = &v
@ -82579,9 +82570,8 @@ type DescribeFlowLogsInput struct {
//
// * deliver-log-status - The status of the logs delivery (SUCCESS | FAILED).
//
// * log-destination-type - The type of destination to which the flow log
// publishes data. Possible destination types include cloud-watch-logs and
// s3.
// * log-destination-type - The type of destination for the flow log data
// (cloud-watch-logs | s3 | kinesis-data-firehose).
//
// * flow-log-id - The ID of the flow log.
//
@ -106776,6 +106766,10 @@ type FlowLog struct {
// The date and time the flow log was created.
CreationTime *time.Time `locationName:"creationTime" type:"timestamp"`
// The ARN of the IAM role that allows the service to publish flow logs across
// accounts.
DeliverCrossAccountRole *string `locationName:"deliverCrossAccountRole" type:"string"`
// Information about the error that occurred. Rate limited indicates that CloudWatch
// Logs throttling has been applied for one or more network interfaces, or that
// you've reached the limit on the number of log groups that you can create.
@ -106784,7 +106778,8 @@ type FlowLog struct {
// indicates an internal error.
DeliverLogsErrorMessage *string `locationName:"deliverLogsErrorMessage" type:"string"`
// The ARN of the IAM role that posts logs to CloudWatch Logs.
// The ARN of the IAM role allows the service to publish logs to CloudWatch
// Logs.
DeliverLogsPermissionArn *string `locationName:"deliverLogsPermissionArn" type:"string"`
// The status of the logs delivery (SUCCESS | FAILED).
@ -106793,22 +106788,16 @@ type FlowLog struct {
// The destination options.
DestinationOptions *DestinationOptionsResponse `locationName:"destinationOptions" type:"structure"`
// The flow log ID.
// The ID of the flow log.
FlowLogId *string `locationName:"flowLogId" type:"string"`
// The status of the flow log (ACTIVE).
FlowLogStatus *string `locationName:"flowLogStatus" type:"string"`
// The destination to which the flow log data is published. Flow log data can
// be published to an CloudWatch Logs log group or an Amazon S3 bucket. If the
// flow log publishes to CloudWatch Logs, this element indicates the Amazon
// Resource Name (ARN) of the CloudWatch Logs log group to which the data is
// published. If the flow log publishes to Amazon S3, this element indicates
// the ARN of the Amazon S3 bucket to which the data is published.
// The Amazon Resource Name (ARN) of the destination for the flow log data.
LogDestination *string `locationName:"logDestination" type:"string"`
// The type of destination to which the flow log data is published. Flow log
// data can be published to CloudWatch Logs or Amazon S3.
// The type of destination for the flow log data.
LogDestinationType *string `locationName:"logDestinationType" type:"string" enum:"LogDestinationType"`
// The format of the flow log record.
@ -106827,7 +106816,7 @@ type FlowLog struct {
// Valid Values: 60 | 600
MaxAggregationInterval *int64 `locationName:"maxAggregationInterval" type:"integer"`
// The ID of the resource on which the flow log was created.
// The ID of the resource being monitored.
ResourceId *string `locationName:"resourceId" type:"string"`
// The tags for the flow log.
@ -106861,6 +106850,12 @@ func (s *FlowLog) SetCreationTime(v time.Time) *FlowLog {
return s
}
// SetDeliverCrossAccountRole sets the DeliverCrossAccountRole field's value.
func (s *FlowLog) SetDeliverCrossAccountRole(v string) *FlowLog {
s.DeliverCrossAccountRole = &v
return s
}
// SetDeliverLogsErrorMessage sets the DeliverLogsErrorMessage field's value.
func (s *FlowLog) SetDeliverLogsErrorMessage(v string) *FlowLog {
s.DeliverLogsErrorMessage = &v
@ -136995,9 +136990,8 @@ func (s *PeeringAttachmentStatus) SetMessage(v string) *PeeringAttachmentStatus
return s
}
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Describes the VPC peering connection options.
@ -137053,9 +137047,8 @@ func (s *PeeringConnectionOptions) SetAllowEgressFromLocalVpcToRemoteClassicLink
return s
}
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// The VPC peering connection options.
@ -161962,9 +161955,8 @@ func (s *VpcCidrBlockState) SetStatusMessage(v string) *VpcCidrBlockState {
return s
}
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Describes whether a VPC is enabled for ClassicLink.
@ -162466,9 +162458,8 @@ func (s *VpcPeeringConnection) SetVpcPeeringConnectionId(v string) *VpcPeeringCo
return s
}
// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate
// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic
// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
// in the Amazon Elastic Compute Cloud User Guide.
//
// Describes the VPC peering connection options.
@ -169439,6 +169430,9 @@ const (
// LogDestinationTypeS3 is a LogDestinationType enum value
LogDestinationTypeS3 = "s3"
// LogDestinationTypeKinesisDataFirehose is a LogDestinationType enum value
LogDestinationTypeKinesisDataFirehose = "kinesis-data-firehose"
)
// LogDestinationType_Values returns all elements of the LogDestinationType enum
@ -169446,6 +169440,7 @@ func LogDestinationType_Values() []string {
return []string{
LogDestinationTypeCloudWatchLogs,
LogDestinationTypeS3,
LogDestinationTypeKinesisDataFirehose,
}
}
@ -170548,6 +170543,9 @@ const (
// ResourceTypeVpcEndpointConnectionDeviceType is a ResourceType enum value
ResourceTypeVpcEndpointConnectionDeviceType = "vpc-endpoint-connection-device-type"
// ResourceTypeVpnConnectionDeviceType is a ResourceType enum value
ResourceTypeVpnConnectionDeviceType = "vpn-connection-device-type"
)
// ResourceType_Values returns all elements of the ResourceType enum
@ -170626,6 +170624,7 @@ func ResourceType_Values() []string {
ResourceTypeCapacityReservationFleet,
ResourceTypeTrafficMirrorFilterRule,
ResourceTypeVpcEndpointConnectionDeviceType,
ResourceTypeVpnConnectionDeviceType,
}
}


@ -156,8 +156,7 @@ func (c *SSO) ListAccountRolesRequest(input *ListAccountRolesInput) (req *reques
// ListAccountRoles API operation for AWS Single Sign-On.
//
// Lists all roles that are assigned to the user for a given Amazon Web Services
// account.
// Lists all roles that are assigned to the user for a given AWS account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@ -306,10 +305,10 @@ func (c *SSO) ListAccountsRequest(input *ListAccountsInput) (req *request.Reques
// ListAccounts API operation for AWS Single Sign-On.
//
// Lists all Amazon Web Services accounts assigned to the user. These Amazon
// Web Services accounts are assigned by the administrator of the account. For
// more information, see Assign User Access (https://docs.aws.amazon.com/singlesignon/latest/userguide/useraccess.html#assignusers)
// in the Amazon Web Services SSO User Guide. This operation returns a paginated
// Lists all AWS accounts assigned to the user. These AWS accounts are assigned
// by the administrator of the account. For more information, see Assign User
// Access (https://docs.aws.amazon.com/singlesignon/latest/userguide/useraccess.html#assignusers)
// in the IAM Identity Center User Guide. This operation returns a paginated
// response.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
@ -455,20 +454,20 @@ func (c *SSO) LogoutRequest(input *LogoutInput) (req *request.Request, output *L
// Logout API operation for AWS Single Sign-On.
//
// Removes the locally stored SSO tokens from the client-side cache and sends
// an API call to the Amazon Web Services SSO service to invalidate the corresponding
// server-side Amazon Web Services SSO sign in session.
// an API call to the IAM Identity Center service to invalidate the corresponding
// server-side IAM Identity Center sign in session.
//
// If a user uses Amazon Web Services SSO to access the AWS CLI, the users
// Amazon Web Services SSO sign in session is used to obtain an IAM session,
// as specified in the corresponding Amazon Web Services SSO permission set.
// More specifically, Amazon Web Services SSO assumes an IAM role in the target
// account on behalf of the user, and the corresponding temporary Amazon Web
// Services credentials are returned to the client.
// If a user uses IAM Identity Center to access the AWS CLI, the users IAM
// Identity Center sign in session is used to obtain an IAM session, as specified
// in the corresponding IAM Identity Center permission set. More specifically,
// IAM Identity Center assumes an IAM role in the target account on behalf of
// the user, and the corresponding temporary AWS credentials are returned to
// the client.
//
// After user logout, any existing IAM role sessions that were created by using
// Amazon Web Services SSO permission sets continue based on the duration configured
// IAM Identity Center permission sets continue based on the duration configured
// in the permission set. For more information, see User authentications (https://docs.aws.amazon.com/singlesignon/latest/userguide/authconcept.html)
// in the Amazon Web Services SSO User Guide.
// in the IAM Identity Center User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@ -513,20 +512,17 @@ func (c *SSO) LogoutWithContext(ctx aws.Context, input *LogoutInput, opts ...req
return out, req.Send()
}
// Provides information about your Amazon Web Services account.
// Provides information about your AWS account.
type AccountInfo struct {
_ struct{} `type:"structure"`
// The identifier of the Amazon Web Services account that is assigned to the
// user.
// The identifier of the AWS account that is assigned to the user.
AccountId *string `locationName:"accountId" type:"string"`
// The display name of the Amazon Web Services account that is assigned to the
// user.
// The display name of the AWS account that is assigned to the user.
AccountName *string `locationName:"accountName" type:"string"`
// The email address of the Amazon Web Services account that is assigned to
// the user.
// The email address of the AWS account that is assigned to the user.
EmailAddress *string `locationName:"emailAddress" min:"1" type:"string"`
}
@ -571,7 +567,7 @@ type GetRoleCredentialsInput struct {
// The token issued by the CreateToken API call. For more information, see CreateToken
// (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html)
// in the Amazon Web Services SSO OIDC API Reference Guide.
// in the IAM Identity Center OIDC API Reference Guide.
//
// AccessToken is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by GetRoleCredentialsInput's
@ -580,8 +576,7 @@ type GetRoleCredentialsInput struct {
// AccessToken is a required field
AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"`
// The identifier for the Amazon Web Services account that is assigned to the
// user.
// The identifier for the AWS account that is assigned to the user.
//
// AccountId is a required field
AccountId *string `location:"querystring" locationName:"account_id" type:"string" required:"true"`
@ -748,7 +743,7 @@ type ListAccountRolesInput struct {
// The token issued by the CreateToken API call. For more information, see CreateToken
// (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html)
// in the Amazon Web Services SSO OIDC API Reference Guide.
// in the IAM Identity Center OIDC API Reference Guide.
//
// AccessToken is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by ListAccountRolesInput's
@ -757,8 +752,7 @@ type ListAccountRolesInput struct {
// AccessToken is a required field
AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"`
// The identifier for the Amazon Web Services account that is assigned to the
// user.
// The identifier for the AWS account that is assigned to the user.
//
// AccountId is a required field
AccountId *string `location:"querystring" locationName:"account_id" type:"string" required:"true"`
@ -878,7 +872,7 @@ type ListAccountsInput struct {
// The token issued by the CreateToken API call. For more information, see CreateToken
// (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html)
// in the Amazon Web Services SSO OIDC API Reference Guide.
// in the IAM Identity Center OIDC API Reference Guide.
//
// AccessToken is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by ListAccountsInput's
@ -993,7 +987,7 @@ type LogoutInput struct {
// The token issued by the CreateToken API call. For more information, see CreateToken
// (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html)
// in the Amazon Web Services SSO OIDC API Reference Guide.
// in the IAM Identity Center OIDC API Reference Guide.
//
// AccessToken is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by LogoutInput's
@ -1132,18 +1126,17 @@ type RoleCredentials struct {
_ struct{} `type:"structure"`
// The identifier used for the temporary security credentials. For more information,
// see Using Temporary Security Credentials to Request Access to Amazon Web
// Services Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html)
// in the Amazon Web Services IAM User Guide.
// see Using Temporary Security Credentials to Request Access to AWS Resources
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html)
// in the AWS IAM User Guide.
AccessKeyId *string `locationName:"accessKeyId" type:"string"`
// The date on which temporary security credentials expire.
Expiration *int64 `locationName:"expiration" type:"long"`
// The key that is used to sign the request. For more information, see Using
// Temporary Security Credentials to Request Access to Amazon Web Services Resources
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html)
// in the Amazon Web Services IAM User Guide.
// Temporary Security Credentials to Request Access to AWS Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html)
// in the AWS IAM User Guide.
//
// SecretAccessKey is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by RoleCredentials's
@ -1151,9 +1144,8 @@ type RoleCredentials struct {
SecretAccessKey *string `locationName:"secretAccessKey" type:"string" sensitive:"true"`
// The token used for temporary credentials. For more information, see Using
// Temporary Security Credentials to Request Access to Amazon Web Services Resources
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html)
// in the Amazon Web Services IAM User Guide.
// Temporary Security Credentials to Request Access to AWS Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html)
// in the AWS IAM User Guide.
//
// SessionToken is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by RoleCredentials's
@ -1207,7 +1199,7 @@ func (s *RoleCredentials) SetSessionToken(v string) *RoleCredentials {
type RoleInfo struct {
_ struct{} `type:"structure"`
// The identifier of the Amazon Web Services account assigned to the user.
// The identifier of the AWS account assigned to the user.
AccountId *string `locationName:"accountId" type:"string"`
// The friendly name of the role that is assigned to the user.


@ -3,25 +3,24 @@
// Package sso provides the client and types for making API
// requests to AWS Single Sign-On.
//
// Amazon Web Services Single Sign On Portal is a web service that makes it
// easy for you to assign user access to Amazon Web Services SSO resources such
// as the AWS access portal. Users can get Amazon Web Services account applications
// and roles assigned to them and get federated into the application.
// AWS IAM Identity Center (successor to AWS Single Sign-On) Portal is a web
// service that makes it easy for you to assign user access to IAM Identity
// Center resources such as the AWS access portal. Users can get AWS account
// applications and roles assigned to them and get federated into the application.
//
// Although Amazon Web Services Single Sign-On was renamed, the sso and identitystore
// API namespaces will continue to retain their original name for backward compatibility
// purposes. For more information, see Amazon Web Services SSO rename (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html#renamed).
// Although AWS Single Sign-On was renamed, the sso and identitystore API namespaces
// will continue to retain their original name for backward compatibility purposes.
// For more information, see IAM Identity Center rename (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html#renamed).
//
// This reference guide describes the Amazon Web Services SSO Portal operations
// This reference guide describes the IAM Identity Center Portal operations
// that you can call programatically and includes detailed information on data
// types and errors.
//
// Amazon Web Services provides SDKs that consist of libraries and sample code
// for various programming languages and platforms, such as Java, Ruby, .Net,
// iOS, or Android. The SDKs provide a convenient way to create programmatic
// access to Amazon Web Services SSO and other Amazon Web Services services.
// For more information about the Amazon Web Services SDKs, including how to
// download and install them, see Tools for Amazon Web Services (http://aws.amazon.com/tools/).
// AWS provides SDKs that consist of libraries and sample code for various programming
// languages and platforms, such as Java, Ruby, .Net, iOS, or Android. The SDKs
// provide a convenient way to create programmatic access to IAM Identity Center
// and other AWS services. For more information about the AWS SDKs, including
// how to download and install them, see Tools for Amazon Web Services (http://aws.amazon.com/tools/).
//
// See https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10 for more information on this service.
//


@ -1,3 +1,17 @@
# Release (v1.13.2)
* No change notes available for this release.
# Release (v1.13.1)
* No change notes available for this release.
# Release (v1.13.0)
## Module Highlights
* `github.com/aws/smithy-go`: v1.13.0
* **Feature**: Adds support for the Smithy httpBearerAuth authentication trait to smithy-go. This allows the SDK to support the bearer authentication flow for API operations decorated with httpBearerAuth. An API client will need to be provided with its own bearer.TokenProvider implementation or use the bearer.StaticTokenProvider implementation.
# Release (v1.12.1)
## Module Highlights

3
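--- a/vendor/github.com/aws/smithy-go/auth/bearer/docs.go
+++ b/vendor/github.com/aws/smithy-go/auth/bearer/docs.go
@@ -0,0 +1,3 @@
+// Package bearer provides middleware and utilities for authenticating API
+// operation calls with a Bearer Token.
+package bearer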


@ -0,0 +1,104 @@
package bearer
import (
"context"
"fmt"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Message is the middleware stack's request transport message value.
type Message interface{}
// Signer provides an interface for implementations to decorate a request
// message with a bearer token. The signer is responsible for validating the
// message type is compatible with the signer.
type Signer interface {
SignWithBearerToken(context.Context, Token, Message) (Message, error)
}
// AuthenticationMiddleware provides the Finalize middleware step for signing
// an request message with a bearer token.
type AuthenticationMiddleware struct {
signer Signer
tokenProvider TokenProvider
}
// AddAuthenticationMiddleware helper adds the AuthenticationMiddleware to the
// middleware Stack in the Finalize step with the options provided.
func AddAuthenticationMiddleware(s *middleware.Stack, signer Signer, tokenProvider TokenProvider) error {
return s.Finalize.Add(
NewAuthenticationMiddleware(signer, tokenProvider),
middleware.After,
)
}
// NewAuthenticationMiddleware returns an initialized AuthenticationMiddleware.
func NewAuthenticationMiddleware(signer Signer, tokenProvider TokenProvider) *AuthenticationMiddleware {
return &AuthenticationMiddleware{
signer: signer,
tokenProvider: tokenProvider,
}
}
const authenticationMiddlewareID = "BearerTokenAuthentication"
// ID returns the resolver identifier
func (m *AuthenticationMiddleware) ID() string {
return authenticationMiddlewareID
}
// HandleFinalize implements the FinalizeMiddleware interface in order to
// update the request with bearer token authentication.
func (m *AuthenticationMiddleware) HandleFinalize(
ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler,
) (
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
token, err := m.tokenProvider.RetrieveBearerToken(ctx)
if err != nil {
return out, metadata, fmt.Errorf("failed AuthenticationMiddleware wrap message, %w", err)
}
signedMessage, err := m.signer.SignWithBearerToken(ctx, token, in.Request)
if err != nil {
return out, metadata, fmt.Errorf("failed AuthenticationMiddleware sign message, %w", err)
}
in.Request = signedMessage
return next.HandleFinalize(ctx, in)
}
// SignHTTPSMessage provides a bearer token authentication implementation that
// will sign the message with the provided bearer token.
//
// Will fail if the message is not a smithy-go HTTP request or the request is
// not HTTPS.
type SignHTTPSMessage struct{}
// NewSignHTTPSMessage returns an initialized signer for HTTP messages.
func NewSignHTTPSMessage() *SignHTTPSMessage {
return &SignHTTPSMessage{}
}
// SignWithBearerToken returns a copy of the HTTP request with the bearer token
// added via the "Authorization" header, per RFC 6750, https://datatracker.ietf.org/doc/html/rfc6750.
//
// Returns an error if the request's URL scheme is not HTTPS, or the request
// message is not an smithy-go HTTP Request pointer type.
func (SignHTTPSMessage) SignWithBearerToken(ctx context.Context, token Token, message Message) (Message, error) {
req, ok := message.(*smithyhttp.Request)
if !ok {
return nil, fmt.Errorf("expect smithy-go HTTP Request, got %T", message)
}
if !req.IsHTTPS() {
return nil, fmt.Errorf("bearer token with HTTP request requires HTTPS")
}
reqClone := req.Clone()
reqClone.Header.Set("Authorization", "Bearer "+token.Value)
return reqClone, nil
}

50
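--- a/vendor/github.com/aws/smithy-go/auth/bearer/token.go
+++ b/vendor/github.com/aws/smithy-go/auth/bearer/token.go
@@ -0,0 +1,50 @@
+package bearer
+import (
+"context"
+"time"
+)
+// Token provides a type wrapping a bearer token and expiration metadata.
+type Token struct {
+Value string
+CanExpire bool
+Expires time.Time
+}
+// Expired returns if the token's Expires time is before or equal to the time
+// provided. If CanExpires is false, Expired will always return false.
+func (t Token) Expired(now time.Time) bool {
+if !t.CanExpire {
+return false
+}
+now = now.Round(0)
+return now.Equal(t.Expires) || now.After(t.Expires)
+}
+// TokenProvider provides interface for retrieving bearer tokens.
+type TokenProvider interface {
+RetrieveBearerToken(context.Context) (Token, error)
+}
+// TokenProviderFunc provides a helper utility to wrap a function as a type
+// that implements the TokenProvider interface.
+type TokenProviderFunc func(context.Context) (Token, error)
+// RetrieveBearerToken calls the wrapped function, returning the Token or
+// error.
+func (fn TokenProviderFunc) RetrieveBearerToken(ctx context.Context) (Token, error) {
+return fn(ctx)
+}
+// StaticTokenProvider provides a utility for wrapping a static bearer token
+// value within an implementation of a token provider.
+type StaticTokenProvider struct {
+Token Token
+}
+// RetrieveBearerToken returns the static token specified.
+func (s StaticTokenProvider) RetrieveBearerToken(context.Context) (Token, error) {
+return s.Token, nil
+}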


@ -0,0 +1,208 @@
package bearer
import (
"context"
"fmt"
"sync/atomic"
"time"
smithycontext "github.com/aws/smithy-go/context"
"github.com/aws/smithy-go/internal/sync/singleflight"
)
// package variable that can be override in unit tests.
var timeNow = time.Now
// TokenCacheOptions provides a set of optional configuration options for the
// TokenCache TokenProvider.
type TokenCacheOptions struct {
// The duration before the token will expire when the credentials will be
// refreshed. If DisableAsyncRefresh is true, the RetrieveBearerToken calls
// will be blocking.
//
// Asynchronous refreshes are deduplicated, and only one will be in-flight
// at a time. If the token expires while an asynchronous refresh is in
// flight, the next call to RetrieveBearerToken will block on that refresh
// to return.
RefreshBeforeExpires time.Duration
// The timeout the underlying TokenProvider's RetrieveBearerToken call must
// return within, or will be canceled. Defaults to 0, no timeout.
//
// If 0 timeout, its possible for the underlying tokenProvider's
// RetrieveBearerToken call to block forever. Preventing subsequent
// TokenCache attempts to refresh the token.
//
// If this timeout is reached all pending deduplicated calls to
// TokenCache RetrieveBearerToken will fail with an error.
RetrieveBearerTokenTimeout time.Duration
// The minimum duration between asynchronous refresh attempts. If the next
// asynchronous recent refresh attempt was within the minimum delay
// duration, the call to retrieve will return the current cached token, if
// not expired.
//
// The asynchronous retrieve is deduplicated across multiple calls when
// RetrieveBearerToken is called. The asynchronous retrieve is not a
// periodic task. It is only performed when the token has not yet expired,
// and the current item is within the RefreshBeforeExpires window, and the
// TokenCache's RetrieveBearerToken method is called.
//
// If 0, (default) there will be no minimum delay between asynchronous
// refresh attempts.
//
// If DisableAsyncRefresh is true, this option is ignored.
AsyncRefreshMinimumDelay time.Duration
// Sets if the TokenCache will attempt to refresh the token in the
// background asynchronously instead of blocking for credentials to be
// refreshed. If disabled token refresh will be blocking.
//
// The first call to RetrieveBearerToken will always be blocking, because
// there is no cached token.
DisableAsyncRefresh bool
}
// TokenCache provides an utility to cache Bearer Authentication tokens from a
// wrapped TokenProvider. The TokenCache can be has options to configure the
// cache's early and asynchronous refresh of the token.
type TokenCache struct {
options TokenCacheOptions
provider TokenProvider
cachedToken atomic.Value
lastRefreshAttemptTime atomic.Value
sfGroup singleflight.Group
}
// NewTokenCache returns a initialized TokenCache that implements the
// TokenProvider interface. Wrapping the provider passed in. Also taking a set
// of optional functional option parameters to configure the token cache.
func NewTokenCache(provider TokenProvider, optFns ...func(*TokenCacheOptions)) *TokenCache {
var options TokenCacheOptions
for _, fn := range optFns {
fn(&options)
}
return &TokenCache{
options: options,
provider: provider,
}
}
// RetrieveBearerToken returns the token if it could be obtained, or error if a
// valid token could not be retrieved.
//
// The passed in Context's cancel/deadline/timeout will impacting only this
// individual retrieve call and not any other already queued up calls. This
// means underlying provider's RetrieveBearerToken calls could block for ever,
// and not be canceled with the Context. Set RetrieveBearerTokenTimeout to
// provide a timeout, preventing the underlying TokenProvider blocking forever.
//
// By default, if the passed in Context is canceled, all of its values will be
// considered expired. The wrapped TokenProvider will not be able to lookup the
// values from the Context once it is expired. This is done to protect against
// expired values no longer being valid. To disable this behavior, use
// smithy-go's context.WithPreserveExpiredValues to add a value to the Context
// before calling RetrieveBearerToken to enable support for expired values.
//
// Without RetrieveBearerTokenTimeout there is the potential for a underlying
// Provider's RetrieveBearerToken call to sit forever. Blocking in subsequent
// attempts at refreshing the token.
func (p *TokenCache) RetrieveBearerToken(ctx context.Context) (Token, error) {
cachedToken, ok := p.getCachedToken()
if !ok || cachedToken.Expired(timeNow()) {
return p.refreshBearerToken(ctx)
}
// Check if the token should be refreshed before it expires.
refreshToken := cachedToken.Expired(timeNow().Add(p.options.RefreshBeforeExpires))
if !refreshToken {
return cachedToken, nil
}
if p.options.DisableAsyncRefresh {
return p.refreshBearerToken(ctx)
}
p.tryAsyncRefresh(ctx)
return cachedToken, nil
}
// tryAsyncRefresh attempts to asynchronously refresh the token returning the
// already cached token. If it AsyncRefreshMinimumDelay option is not zero, and
// the duration since the last refresh is less than that value, nothing will be
// done.
func (p *TokenCache) tryAsyncRefresh(ctx context.Context) {
if p.options.AsyncRefreshMinimumDelay != 0 {
var lastRefreshAttempt time.Time
if v := p.lastRefreshAttemptTime.Load(); v != nil {
lastRefreshAttempt = v.(time.Time)
}
if timeNow().Before(lastRefreshAttempt.Add(p.options.AsyncRefreshMinimumDelay)) {
return
}
}
// Ignore the returned channel so this won't be blocking, and limit the
// number of additional goroutines created.
p.sfGroup.DoChan("async-refresh", func() (interface{}, error) {
res, err := p.refreshBearerToken(ctx)
if p.options.AsyncRefreshMinimumDelay != 0 {
var refreshAttempt time.Time
if err != nil {
refreshAttempt = timeNow()
}
p.lastRefreshAttemptTime.Store(refreshAttempt)
}
return res, err
})
}
func (p *TokenCache) refreshBearerToken(ctx context.Context) (Token, error) {
resCh := p.sfGroup.DoChan("refresh-token", func() (interface{}, error) {
ctx := smithycontext.WithSuppressCancel(ctx)
if v := p.options.RetrieveBearerTokenTimeout; v != 0 {
var cancel func()
ctx, cancel = context.WithTimeout(ctx, v)
defer cancel()
}
return p.singleRetrieve(ctx)
})
select {
case res := <-resCh:
return res.Val.(Token), res.Err
case <-ctx.Done():
return Token{}, fmt.Errorf("retrieve bearer token canceled, %w", ctx.Err())
}
}
func (p *TokenCache) singleRetrieve(ctx context.Context) (interface{}, error) {
token, err := p.provider.RetrieveBearerToken(ctx)
if err != nil {
return Token{}, fmt.Errorf("failed to retrieve bearer token, %w", err)
}
p.cachedToken.Store(&token)
return token, nil
}
// getCachedToken returns the currently cached token and true if found. Returns
// false if no token is cached.
func (p *TokenCache) getCachedToken() (Token, bool) {
v := p.cachedToken.Load()
if v == nil {
return Token{}, false
}
t := v.(*Token)
if t == nil || t.Value == "" {
return Token{}, false
}
return *t, true
}


@ -0,0 +1,81 @@
package context
import "context"
// valueOnlyContext provides a utility to preserve only the values of a
// Context. Suppressing any cancellation or deadline on that context being
// propagated downstream of this value.
//
// If preserveExpiredValues is false (default), and the valueCtx is canceled,
// calls to lookup values with the Values method, will always return nil. Setting
// preserveExpiredValues to true, will allow the valueOnlyContext to lookup
// values in valueCtx even if valueCtx is canceled.
//
// Based on the Go standard libraries net/lookup.go onlyValuesCtx utility.
// https://github.com/golang/go/blob/da2773fe3e2f6106634673a38dc3a6eb875fe7d8/src/net/lookup.go
type valueOnlyContext struct {
context.Context
preserveExpiredValues bool
valuesCtx context.Context
}
var _ context.Context = (*valueOnlyContext)(nil)
// Value looks up the key, returning its value. If configured to not preserve
// values of expired context, and the wrapping context is canceled, nil will be
// returned.
func (v *valueOnlyContext) Value(key interface{}) interface{} {
if !v.preserveExpiredValues {
select {
case <-v.valuesCtx.Done():
return nil
default:
}
}
return v.valuesCtx.Value(key)
}
// WithSuppressCancel wraps the Context value, suppressing its deadline and
// cancellation events being propagated downstream to consumer of the returned
// context.
//
// By default the wrapped Context's Values are available downstream until the
// wrapped Context is canceled. Once the wrapped Context is canceled, Values
// method called on the context return will no longer lookup any key. As they
// are now considered expired.
//
// To override this behavior, use WithPreserveExpiredValues on the Context
// before it is wrapped by WithSuppressCancel. This will make the Context
// returned by WithSuppressCancel allow lookup of expired values.
func WithSuppressCancel(ctx context.Context) context.Context {
return &valueOnlyContext{
Context: context.Background(),
valuesCtx: ctx,
preserveExpiredValues: GetPreserveExpiredValues(ctx),
}
}
type preserveExpiredValuesKey struct{}
// WithPreserveExpiredValues adds a Value to the Context if expired values
// should be preserved, and looked up by a Context wrapped by
// WithSuppressCancel.
//
// WithPreserveExpiredValues must be added as a value to a Context, before that
// Context is wrapped by WithSuppressCancel
func WithPreserveExpiredValues(ctx context.Context, enable bool) context.Context {
return context.WithValue(ctx, preserveExpiredValuesKey{}, enable)
}
// GetPreserveExpiredValues looks up, and returns the PreserveExpressValues
// value in the context. Returning true if enabled, false otherwise.
func GetPreserveExpiredValues(ctx context.Context) bool {
v := ctx.Value(preserveExpiredValuesKey{})
if v != nil {
return v.(bool)
}
return false
}


@ -3,4 +3,4 @@
package smithy
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.12.1"
const goModuleVersion = "1.13.2"


@ -0,0 +1,28 @@
Copyright (c) 2009 The Go Authors. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.


@ -0,0 +1,8 @@
// Package singleflight provides a duplicate function call suppression
// mechanism. This package is a fork of the Go golang.org/x/sync/singleflight
// package. The package is forked, because the package a part of the unstable
// and unversioned golang.org/x/sync module.
//
// https://github.com/golang/sync/tree/67f06af15bc961c363a7260195bcd53487529a21/singleflight
package singleflight


@ -0,0 +1,210 @@
// Copyright 2013 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package singleflight
import (
"bytes"
"errors"
"fmt"
"runtime"
"runtime/debug"
"sync"
)
// errGoexit indicates the runtime.Goexit was called in
// the user given function.
var errGoexit = errors.New("runtime.Goexit was called")
// A panicError is an arbitrary value recovered from a panic
// with the stack trace during the execution of given function.
type panicError struct {
value interface{}
stack []byte
}
// Error implements error interface.
func (p *panicError) Error() string {
return fmt.Sprintf("%v\n\n%s", p.value, p.stack)
}
func newPanicError(v interface{}) error {
stack := debug.Stack()
// The first line of the stack trace is of the form "goroutine N [status]:"
// but by the time the panic reaches Do the goroutine may no longer exist
// and its status will have changed. Trim out the misleading line.
if line := bytes.IndexByte(stack[:], '\n'); line >= 0 {
stack = stack[line+1:]
}
return &panicError{value: v, stack: stack}
}
// call is an in-flight or completed singleflight.Do call
type call struct {
wg sync.WaitGroup
// These fields are written once before the WaitGroup is done
// and are only read after the WaitGroup is done.
val interface{}
err error
// forgotten indicates whether Forget was called with this call's key
// while the call was still in flight.
forgotten bool
// These fields are read and written with the singleflight
// mutex held before the WaitGroup is done, and are read but
// not written after the WaitGroup is done.
dups int
chans []chan<- Result
}
// Group represents a class of work and forms a namespace in
// which units of work can be executed with duplicate suppression.
type Group struct {
mu sync.Mutex // protects m
m map[string]*call // lazily initialized
}
// Result holds the results of Do, so they can be passed
// on a channel.
type Result struct {
Val interface{}
Err error
Shared bool
}
// Do executes and returns the results of the given function, making
// sure that only one execution is in-flight for a given key at a
// time. If a duplicate comes in, the duplicate caller waits for the
// original to complete and receives the same results.
// The return value shared indicates whether v was given to multiple callers.
func (g *Group) Do(key string, fn func() (interface{}, error)) (v interface{}, err error, shared bool) {
g.mu.Lock()
if g.m == nil {
g.m = make(map[string]*call)
}
if c, ok := g.m[key]; ok {
c.dups++
g.mu.Unlock()
c.wg.Wait()
if e, ok := c.err.(*panicError); ok {
panic(e)
} else if c.err == errGoexit {
runtime.Goexit()
}
return c.val, c.err, true
}
c := new(call)
c.wg.Add(1)
g.m[key] = c
g.mu.Unlock()
g.doCall(c, key, fn)
return c.val, c.err, c.dups > 0
}
// DoChan is like Do but returns a channel that will receive the
// results when they are ready.
//
// The returned channel will not be closed.
func (g *Group) DoChan(key string, fn func() (interface{}, error)) <-chan Result {
ch := make(chan Result, 1)
g.mu.Lock()
if g.m == nil {
g.m = make(map[string]*call)
}
if c, ok := g.m[key]; ok {
c.dups++
c.chans = append(c.chans, ch)
g.mu.Unlock()
return ch
}
c := &call{chans: []chan<- Result{ch}}
c.wg.Add(1)
g.m[key] = c
g.mu.Unlock()
go g.doCall(c, key, fn)
return ch
}
// doCall handles the single call for a key.
func (g *Group) doCall(c *call, key string, fn func() (interface{}, error)) {
normalReturn := false
recovered := false
// use double-defer to distinguish panic from runtime.Goexit,
// more details see https://golang.org/cl/134395
defer func() {
// the given function invoked runtime.Goexit
if !normalReturn && !recovered {
c.err = errGoexit
}
c.wg.Done()
g.mu.Lock()
defer g.mu.Unlock()
if !c.forgotten {
delete(g.m, key)
}
if e, ok := c.err.(*panicError); ok {
// In order to prevent the waiting channels from being blocked forever,
// needs to ensure that this panic cannot be recovered.
if len(c.chans) > 0 {
go panic(e)
select {} // Keep this goroutine around so that it will appear in the crash dump.
} else {
panic(e)
}
} else if c.err == errGoexit {
// Already in the process of goexit, no need to call again
} else {
// Normal return
for _, ch := range c.chans {
ch <- Result{c.val, c.err, c.dups > 0}
}
}
}()
func() {
defer func() {
if !normalReturn {
// Ideally, we would wait to take a stack trace until we've determined
// whether this is a panic or a runtime.Goexit.
//
// Unfortunately, the only way we can distinguish the two is to see
// whether the recover stopped the goroutine from terminating, and by
// the time we know that, the part of the stack trace relevant to the
// panic has been discarded.
if r := recover(); r != nil {
c.err = newPanicError(r)
}
}
}()
c.val, c.err = fn()
normalReturn = true
}()
if !normalReturn {
recovered = true
}
}
// Forget tells the singleflight to forget about a key. Future calls
// to Do for this key will call the function rather than waiting for
// an earlier call to complete.
func (g *Group) Forget(key string) {
g.mu.Lock()
if c, ok := g.m[key]; ok {
c.forgotten = true
}
delete(g.m, key)
g.mu.Unlock()
}


@ -7,6 +7,7 @@ import (
"io/ioutil"
"net/http"
"net/url"
"strings"
iointernal "github.com/aws/smithy-go/transport/http/internal/io"
)
@ -33,6 +34,14 @@ func NewStackRequest() interface{} {
}
}
// IsHTTPS returns if the request is HTTPS. Returns false if no endpoint URL is set.
func (r *Request) IsHTTPS() bool {
if r.URL == nil {
return false
}
return strings.EqualFold(r.URL.Scheme, "https")
}
// Clone returns a deep copy of the Request for the new context. A reference to
// the Stream is copied, but the underlying stream is not copied.
func (r *Request) Clone() *Request {

19
vendor/modules.txt vendored

@ -1,4 +1,4 @@
# github.com/IBM/keyprotect-go-client v0.8.0
# github.com/IBM/keyprotect-go-client v0.8.1
## explicit; go 1.15
github.com/IBM/keyprotect-go-client
github.com/IBM/keyprotect-go-client/iam
@ -20,7 +20,7 @@ github.com/armon/go-metrics
# github.com/armon/go-radix v1.0.0
## explicit
github.com/armon/go-radix
# github.com/aws/aws-sdk-go v1.44.82
# github.com/aws/aws-sdk-go v1.44.96
## explicit; go 1.11
github.com/aws/aws-sdk-go/aws
github.com/aws/aws-sdk-go/aws/awserr
@ -65,7 +65,7 @@ github.com/aws/aws-sdk-go/service/sso
github.com/aws/aws-sdk-go/service/sso/ssoiface
github.com/aws/aws-sdk-go/service/sts
github.com/aws/aws-sdk-go/service/sts/stsiface
# github.com/aws/aws-sdk-go-v2 v1.16.11
# github.com/aws/aws-sdk-go-v2 v1.16.14
## explicit; go 1.15
github.com/aws/aws-sdk-go-v2/aws
github.com/aws/aws-sdk-go-v2/aws/defaults
@ -82,27 +82,30 @@ github.com/aws/aws-sdk-go-v2/internal/sdk
github.com/aws/aws-sdk-go-v2/internal/strings
github.com/aws/aws-sdk-go-v2/internal/sync/singleflight
github.com/aws/aws-sdk-go-v2/internal/timeconv
# github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.18
# github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.21
## explicit; go 1.15
github.com/aws/aws-sdk-go-v2/internal/configsources
# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.12
# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.15
## explicit; go 1.15
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2
# github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.12
# github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.15
## explicit; go 1.15
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url
# github.com/aws/aws-sdk-go-v2/service/sts v1.16.13
# github.com/aws/aws-sdk-go-v2/service/sts v1.16.17
## explicit; go 1.15
github.com/aws/aws-sdk-go-v2/service/sts
github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints
github.com/aws/aws-sdk-go-v2/service/sts/types
# github.com/aws/smithy-go v1.12.1
# github.com/aws/smithy-go v1.13.2
## explicit; go 1.15
github.com/aws/smithy-go
github.com/aws/smithy-go/auth/bearer
github.com/aws/smithy-go/context
github.com/aws/smithy-go/document
github.com/aws/smithy-go/encoding
github.com/aws/smithy-go/encoding/httpbinding
github.com/aws/smithy-go/encoding/xml
github.com/aws/smithy-go/internal/sync/singleflight
github.com/aws/smithy-go/io
github.com/aws/smithy-go/logging
github.com/aws/smithy-go/middleware