mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-09 16:00:22 +00:00
rebase: bump github.com/aws/aws-sdk-go from 1.42.7 to 1.42.37
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.42.7 to 1.42.37. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.42.7...v1.42.37) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
parent
6f0087e870
commit
f56ee59515
4
go.mod
4
go.mod
@ -4,7 +4,7 @@ go 1.17
|
||||
|
||||
require (
|
||||
github.com/IBM/keyprotect-go-client v0.7.0
|
||||
github.com/aws/aws-sdk-go v1.42.7
|
||||
github.com/aws/aws-sdk-go v1.42.37
|
||||
github.com/ceph/ceph-csi/api v0.0.0-00010101000000-000000000000
|
||||
github.com/ceph/go-ceph v0.13.0
|
||||
github.com/container-storage-interface/spec v1.5.0
|
||||
@ -126,7 +126,7 @@ require (
|
||||
go.opentelemetry.io/otel/trace v0.20.0 // indirect
|
||||
go.opentelemetry.io/proto/otlp v0.7.0 // indirect
|
||||
go.uber.org/atomic v1.9.0 // indirect
|
||||
golang.org/x/net v0.0.0-20211209124913-491a49abca63 // indirect
|
||||
golang.org/x/net v0.0.0-20211216030914-fe4d6282115f // indirect
|
||||
golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f // indirect
|
||||
golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b // indirect
|
||||
golang.org/x/text v0.3.7 // indirect
|
||||
|
8
go.sum
8
go.sum
@ -138,8 +138,8 @@ github.com/aws/aws-sdk-go v1.25.37/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpi
|
||||
github.com/aws/aws-sdk-go v1.25.41/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
|
||||
github.com/aws/aws-sdk-go v1.35.24/go.mod h1:tlPOdRjfxPBpNIwqDj61rmsnA85v9jc0Ps9+muhnW+k=
|
||||
github.com/aws/aws-sdk-go v1.38.49/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
|
||||
github.com/aws/aws-sdk-go v1.42.7 h1:Ee7QC4Y/eGebVGO/5IGN3fSXXSrheesZYYj2pYJG7Zk=
|
||||
github.com/aws/aws-sdk-go v1.42.7/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
|
||||
github.com/aws/aws-sdk-go v1.42.37 h1:EIziSq3REaoi1LgUBgxoQr29DQS7GYHnBbZPajtJmXM=
|
||||
github.com/aws/aws-sdk-go v1.42.37/go.mod h1:OGr6lGMAKGlG9CVrYnWYDKIyb829c6EVBRjxqjmPepc=
|
||||
github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f/go.mod h1:AuiFmCCPBSrqvVMvuqFuk0qogytodnVFVSN5CeJB8Gc=
|
||||
github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM=
|
||||
github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
|
||||
@ -1258,11 +1258,11 @@ golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT
|
||||
golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20211209124913-491a49abca63 h1:iocB37TsdFuN6IBRZ+ry36wrkoV51/tl5vOWqkcPGvY=
|
||||
golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20211216030914-fe4d6282115f h1:hEYJvxw1lSnWIl8X9ofsYMklzaDs90JI2az5YMd4fPM=
|
||||
golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||
golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||
golang.org/x/oauth2 v0.0.0-20190130055435-99b60b757ec1/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
|
40
vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go
generated
vendored
40
vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go
generated
vendored
@ -28,7 +28,7 @@ const (
|
||||
// compare test values.
|
||||
var now = time.Now
|
||||
|
||||
// TokenFetcher shuold return WebIdentity token bytes or an error
|
||||
// TokenFetcher should return WebIdentity token bytes or an error
|
||||
type TokenFetcher interface {
|
||||
FetchToken(credentials.Context) ([]byte, error)
|
||||
}
|
||||
@ -50,6 +50,8 @@ func (f FetchTokenPath) FetchToken(ctx credentials.Context) ([]byte, error) {
|
||||
// an OIDC token.
|
||||
type WebIdentityRoleProvider struct {
|
||||
credentials.Expiry
|
||||
|
||||
// The policy ARNs to use with the web identity assumed role.
|
||||
PolicyArns []*sts.PolicyDescriptorType
|
||||
|
||||
// Duration the STS credentials will be valid for. Truncated to seconds.
|
||||
@ -74,6 +76,9 @@ type WebIdentityRoleProvider struct {
|
||||
|
||||
// NewWebIdentityCredentials will return a new set of credentials with a given
|
||||
// configuration, role arn, and token file path.
|
||||
//
|
||||
// Deprecated: Use NewWebIdentityRoleProviderWithOptions for flexible
|
||||
// functional options, and wrap with credentials.NewCredentials helper.
|
||||
func NewWebIdentityCredentials(c client.ConfigProvider, roleARN, roleSessionName, path string) *credentials.Credentials {
|
||||
svc := sts.New(c)
|
||||
p := NewWebIdentityRoleProvider(svc, roleARN, roleSessionName, path)
|
||||
@ -82,19 +87,42 @@ func NewWebIdentityCredentials(c client.ConfigProvider, roleARN, roleSessionName
|
||||
|
||||
// NewWebIdentityRoleProvider will return a new WebIdentityRoleProvider with the
|
||||
// provided stsiface.STSAPI
|
||||
//
|
||||
// Deprecated: Use NewWebIdentityRoleProviderWithOptions for flexible
|
||||
// functional options.
|
||||
func NewWebIdentityRoleProvider(svc stsiface.STSAPI, roleARN, roleSessionName, path string) *WebIdentityRoleProvider {
|
||||
return NewWebIdentityRoleProviderWithToken(svc, roleARN, roleSessionName, FetchTokenPath(path))
|
||||
return NewWebIdentityRoleProviderWithOptions(svc, roleARN, roleSessionName, FetchTokenPath(path))
|
||||
}
|
||||
|
||||
// NewWebIdentityRoleProviderWithToken will return a new WebIdentityRoleProvider with the
|
||||
// provided stsiface.STSAPI and a TokenFetcher
|
||||
//
|
||||
// Deprecated: Use NewWebIdentityRoleProviderWithOptions for flexible
|
||||
// functional options.
|
||||
func NewWebIdentityRoleProviderWithToken(svc stsiface.STSAPI, roleARN, roleSessionName string, tokenFetcher TokenFetcher) *WebIdentityRoleProvider {
|
||||
return &WebIdentityRoleProvider{
|
||||
return NewWebIdentityRoleProviderWithOptions(svc, roleARN, roleSessionName, tokenFetcher)
|
||||
}
|
||||
|
||||
// NewWebIdentityRoleProviderWithOptions will return an initialize
|
||||
// WebIdentityRoleProvider with the provided stsiface.STSAPI, role ARN, and a
|
||||
// TokenFetcher. Additional options can be provided as functional options.
|
||||
//
|
||||
// TokenFetcher is the implementation that will retrieve the JWT token from to
|
||||
// assume the role with. Use the provided FetchTokenPath implementation to
|
||||
// retrieve the JWT token using a file system path.
|
||||
func NewWebIdentityRoleProviderWithOptions(svc stsiface.STSAPI, roleARN, roleSessionName string, tokenFetcher TokenFetcher, optFns ...func(*WebIdentityRoleProvider)) *WebIdentityRoleProvider {
|
||||
p := WebIdentityRoleProvider{
|
||||
client: svc,
|
||||
tokenFetcher: tokenFetcher,
|
||||
roleARN: roleARN,
|
||||
roleSessionName: roleSessionName,
|
||||
}
|
||||
|
||||
for _, fn := range optFns {
|
||||
fn(&p)
|
||||
}
|
||||
|
||||
return &p
|
||||
}
|
||||
|
||||
// Retrieve will attempt to assume a role from a token which is located at
|
||||
@ -104,9 +132,9 @@ func (p *WebIdentityRoleProvider) Retrieve() (credentials.Value, error) {
|
||||
return p.RetrieveWithContext(aws.BackgroundContext())
|
||||
}
|
||||
|
||||
// RetrieveWithContext will attempt to assume a role from a token which is located at
|
||||
// 'WebIdentityTokenFilePath' specified destination and if that is empty an
|
||||
// error will be returned.
|
||||
// RetrieveWithContext will attempt to assume a role from a token which is
|
||||
// located at 'WebIdentityTokenFilePath' specified destination and if that is
|
||||
// empty an error will be returned.
|
||||
func (p *WebIdentityRoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) {
|
||||
b, err := p.tokenFetcher.FetchToken(ctx)
|
||||
if err != nil {
|
||||
|
988
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
generated
vendored
988
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
generated
vendored
File diff suppressed because it is too large
Load Diff
33
vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go
generated
vendored
33
vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go
generated
vendored
@ -14,8 +14,17 @@ import (
|
||||
"github.com/aws/aws-sdk-go/aws/defaults"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/internal/shareddefaults"
|
||||
"github.com/aws/aws-sdk-go/service/sts"
|
||||
)
|
||||
|
||||
// CredentialsProviderOptions specifies additional options for configuring
|
||||
// credentials providers.
|
||||
type CredentialsProviderOptions struct {
|
||||
// WebIdentityRoleProviderOptions configures a WebIdentityRoleProvider,
|
||||
// such as setting its ExpiryWindow.
|
||||
WebIdentityRoleProviderOptions func(*stscreds.WebIdentityRoleProvider)
|
||||
}
|
||||
|
||||
func resolveCredentials(cfg *aws.Config,
|
||||
envCfg envConfig, sharedCfg sharedConfig,
|
||||
handlers request.Handlers,
|
||||
@ -40,6 +49,7 @@ func resolveCredentials(cfg *aws.Config,
|
||||
envCfg.WebIdentityTokenFilePath,
|
||||
envCfg.RoleARN,
|
||||
envCfg.RoleSessionName,
|
||||
sessOpts.CredentialsProviderOptions,
|
||||
)
|
||||
|
||||
default:
|
||||
@ -59,6 +69,7 @@ var WebIdentityEmptyTokenFilePathErr = awserr.New(stscreds.ErrCodeWebIdentity, "
|
||||
func assumeWebIdentity(cfg *aws.Config, handlers request.Handlers,
|
||||
filepath string,
|
||||
roleARN, sessionName string,
|
||||
credOptions *CredentialsProviderOptions,
|
||||
) (*credentials.Credentials, error) {
|
||||
|
||||
if len(filepath) == 0 {
|
||||
@ -69,17 +80,18 @@ func assumeWebIdentity(cfg *aws.Config, handlers request.Handlers,
|
||||
return nil, WebIdentityEmptyRoleARNErr
|
||||
}
|
||||
|
||||
creds := stscreds.NewWebIdentityCredentials(
|
||||
&Session{
|
||||
Config: cfg,
|
||||
Handlers: handlers.Copy(),
|
||||
},
|
||||
roleARN,
|
||||
sessionName,
|
||||
filepath,
|
||||
)
|
||||
svc := sts.New(&Session{
|
||||
Config: cfg,
|
||||
Handlers: handlers.Copy(),
|
||||
})
|
||||
|
||||
return creds, nil
|
||||
var optFns []func(*stscreds.WebIdentityRoleProvider)
|
||||
if credOptions != nil && credOptions.WebIdentityRoleProviderOptions != nil {
|
||||
optFns = append(optFns, credOptions.WebIdentityRoleProviderOptions)
|
||||
}
|
||||
|
||||
p := stscreds.NewWebIdentityRoleProviderWithOptions(svc, roleARN, sessionName, stscreds.FetchTokenPath(filepath), optFns...)
|
||||
return credentials.NewCredentials(p), nil
|
||||
}
|
||||
|
||||
func resolveCredsFromProfile(cfg *aws.Config,
|
||||
@ -114,6 +126,7 @@ func resolveCredsFromProfile(cfg *aws.Config,
|
||||
sharedCfg.WebIdentityTokenFile,
|
||||
sharedCfg.RoleARN,
|
||||
sharedCfg.RoleSessionName,
|
||||
sessOpts.CredentialsProviderOptions,
|
||||
)
|
||||
|
||||
case sharedCfg.hasSSOConfiguration():
|
||||
|
5
vendor/github.com/aws/aws-sdk-go/aws/session/session.go
generated
vendored
5
vendor/github.com/aws/aws-sdk-go/aws/session/session.go
generated
vendored
@ -304,6 +304,11 @@ type Options struct {
|
||||
//
|
||||
// AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE=IPv6
|
||||
EC2IMDSEndpointMode endpoints.EC2IMDSEndpointModeState
|
||||
|
||||
// Specifies options for creating credential providers.
|
||||
// These are only used if the aws.Config does not already
|
||||
// include credentials.
|
||||
CredentialsProviderOptions *CredentialsProviderOptions
|
||||
}
|
||||
|
||||
// NewSessionWithOptions returns a new Session created from SDK defaults, config files,
|
||||
|
2
vendor/github.com/aws/aws-sdk-go/aws/version.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go/aws/version.go
generated
vendored
@ -5,4 +5,4 @@ package aws
|
||||
const SDKName = "aws-sdk-go"
|
||||
|
||||
// SDKVersion is the version of this SDK
|
||||
const SDKVersion = "1.42.7"
|
||||
const SDKVersion = "1.42.37"
|
||||
|
2
vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go
generated
vendored
@ -140,7 +140,7 @@ func unmarshalLocationElements(resp *http.Response, v reflect.Value, lowerCaseHe
|
||||
prefix := field.Tag.Get("locationName")
|
||||
err := unmarshalHeaderMap(m, resp.Header, prefix, lowerCaseHeaderMaps)
|
||||
if err != nil {
|
||||
awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
|
||||
return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
16431
vendor/github.com/aws/aws-sdk-go/service/ec2/api.go
generated
vendored
16431
vendor/github.com/aws/aws-sdk-go/service/ec2/api.go
generated
vendored
File diff suppressed because it is too large
Load Diff
21
vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go
generated
vendored
21
vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go
generated
vendored
@ -4,14 +4,15 @@
|
||||
// requests to Amazon Elastic Compute Cloud.
|
||||
//
|
||||
// Amazon Elastic Compute Cloud (Amazon EC2) provides secure and resizable computing
|
||||
// capacity in the AWS Cloud. Using Amazon EC2 eliminates the need to invest
|
||||
// in hardware up front, so you can develop and deploy applications faster.
|
||||
// Amazon Virtual Private Cloud (Amazon VPC) enables you to provision a logically
|
||||
// isolated section of the AWS Cloud where you can launch AWS resources in a
|
||||
// virtual network that you've defined. Amazon Elastic Block Store (Amazon EBS)
|
||||
// provides block level storage volumes for use with EC2 instances. EBS volumes
|
||||
// are highly available and reliable storage volumes that can be attached to
|
||||
// any running instance and used like a hard drive.
|
||||
// capacity in the Amazon Web Services Cloud. Using Amazon EC2 eliminates the
|
||||
// need to invest in hardware up front, so you can develop and deploy applications
|
||||
// faster. Amazon Virtual Private Cloud (Amazon VPC) enables you to provision
|
||||
// a logically isolated section of the Amazon Web Services Cloud where you can
|
||||
// launch Amazon Web Services resources in a virtual network that you've defined.
|
||||
// Amazon Elastic Block Store (Amazon EBS) provides block level storage volumes
|
||||
// for use with EC2 instances. EBS volumes are highly available and reliable
|
||||
// storage volumes that can be attached to any running instance and used like
|
||||
// a hard drive.
|
||||
//
|
||||
// To learn more, see the following resources:
|
||||
//
|
||||
@ -24,8 +25,8 @@
|
||||
// * Amazon VPC: Amazon VPC product page (http://aws.amazon.com/vpc), Amazon
|
||||
// VPC documentation (http://aws.amazon.com/documentation/vpc)
|
||||
//
|
||||
// * AWS VPN: AWS VPN product page (http://aws.amazon.com/vpn), AWS VPN documentation
|
||||
// (http://aws.amazon.com/documentation/vpn)
|
||||
// * Amazon Web Services VPN: Amazon Web Services VPN product page (http://aws.amazon.com/vpn),
|
||||
// Amazon Web Services VPN documentation (http://aws.amazon.com/documentation/vpn)
|
||||
//
|
||||
// See https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15 for more information on this service.
|
||||
//
|
||||
|
4
vendor/github.com/aws/aws-sdk-go/service/ec2/service.go
generated
vendored
4
vendor/github.com/aws/aws-sdk-go/service/ec2/service.go
generated
vendored
@ -48,6 +48,10 @@ const (
|
||||
// svc := ec2.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
|
||||
func New(p client.ConfigProvider, cfgs ...*aws.Config) *EC2 {
|
||||
c := p.ClientConfig(EndpointsID, cfgs...)
|
||||
if c.SigningNameDerived || len(c.SigningName) == 0 {
|
||||
c.SigningName = EndpointsID
|
||||
// No Fallback
|
||||
}
|
||||
return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion)
|
||||
}
|
||||
|
||||
|
51
vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go
generated
vendored
51
vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go
generated
vendored
@ -738,6 +738,57 @@ func (c *EC2) WaitUntilInstanceTerminatedWithContext(ctx aws.Context, input *Des
|
||||
return w.WaitWithContext(ctx)
|
||||
}
|
||||
|
||||
// WaitUntilInternetGatewayExists uses the Amazon EC2 API operation
|
||||
// DescribeInternetGateways to wait for a condition to be met before returning.
|
||||
// If the condition is not met within the max attempt window, an error will
|
||||
// be returned.
|
||||
func (c *EC2) WaitUntilInternetGatewayExists(input *DescribeInternetGatewaysInput) error {
|
||||
return c.WaitUntilInternetGatewayExistsWithContext(aws.BackgroundContext(), input)
|
||||
}
|
||||
|
||||
// WaitUntilInternetGatewayExistsWithContext is an extended version of WaitUntilInternetGatewayExists.
|
||||
// With the support for passing in a context and options to configure the
|
||||
// Waiter and the underlying request options.
|
||||
//
|
||||
// The context must be non-nil and will be used for request cancellation. If
|
||||
// the context is nil a panic will occur. In the future the SDK may create
|
||||
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
||||
// for more information on using Contexts.
|
||||
func (c *EC2) WaitUntilInternetGatewayExistsWithContext(ctx aws.Context, input *DescribeInternetGatewaysInput, opts ...request.WaiterOption) error {
|
||||
w := request.Waiter{
|
||||
Name: "WaitUntilInternetGatewayExists",
|
||||
MaxAttempts: 6,
|
||||
Delay: request.ConstantWaiterDelay(5 * time.Second),
|
||||
Acceptors: []request.WaiterAcceptor{
|
||||
{
|
||||
State: request.SuccessWaiterState,
|
||||
Matcher: request.PathWaiterMatch, Argument: "length(InternetGateways[].InternetGatewayId) > `0`",
|
||||
Expected: true,
|
||||
},
|
||||
{
|
||||
State: request.RetryWaiterState,
|
||||
Matcher: request.ErrorWaiterMatch,
|
||||
Expected: "InvalidInternetGateway.NotFound",
|
||||
},
|
||||
},
|
||||
Logger: c.Config.Logger,
|
||||
NewRequest: func(opts []request.Option) (*request.Request, error) {
|
||||
var inCpy *DescribeInternetGatewaysInput
|
||||
if input != nil {
|
||||
tmp := *input
|
||||
inCpy = &tmp
|
||||
}
|
||||
req, _ := c.DescribeInternetGatewaysRequest(inCpy)
|
||||
req.SetContext(ctx)
|
||||
req.ApplyOptions(opts...)
|
||||
return req, nil
|
||||
},
|
||||
}
|
||||
w.ApplyOptions(opts...)
|
||||
|
||||
return w.WaitWithContext(ctx)
|
||||
}
|
||||
|
||||
// WaitUntilKeyPairExists uses the Amazon EC2 API operation
|
||||
// DescribeKeyPairs to wait for a condition to be met before returning.
|
||||
// If the condition is not met within the max attempt window, an error will
|
||||
|
4
vendor/github.com/aws/aws-sdk-go/service/kms/service.go
generated
vendored
4
vendor/github.com/aws/aws-sdk-go/service/kms/service.go
generated
vendored
@ -49,6 +49,10 @@ const (
|
||||
// svc := kms.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
|
||||
func New(p client.ConfigProvider, cfgs ...*aws.Config) *KMS {
|
||||
c := p.ClientConfig(EndpointsID, cfgs...)
|
||||
if c.SigningNameDerived || len(c.SigningName) == 0 {
|
||||
c.SigningName = EndpointsID
|
||||
// No Fallback
|
||||
}
|
||||
return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion)
|
||||
}
|
||||
|
||||
|
168
vendor/github.com/aws/aws-sdk-go/service/sts/api.go
generated
vendored
168
vendor/github.com/aws/aws-sdk-go/service/sts/api.go
generated
vendored
@ -63,14 +63,15 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o
|
||||
// or for cross-account access. For a comparison of AssumeRole with other API
|
||||
// operations that produce temporary credentials, see Requesting Temporary Security
|
||||
// Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
|
||||
// and Comparing the STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
|
||||
// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// Permissions
|
||||
//
|
||||
// The temporary security credentials created by AssumeRole can be used to make
|
||||
// API calls to any Amazon Web Services service with the following exception:
|
||||
// You cannot call the STS GetFederationToken or GetSessionToken API operations.
|
||||
// You cannot call the Amazon Web Services STS GetFederationToken or GetSessionToken
|
||||
// API operations.
|
||||
//
|
||||
// (Optional) You can pass inline or managed session policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
|
||||
// to this operation. You can pass a single JSON policy document to use as an
|
||||
@ -86,26 +87,33 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o
|
||||
// For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// To assume a role from a different account, your account must be trusted by
|
||||
// the role. The trust relationship is defined in the role's trust policy when
|
||||
// the role is created. That trust policy states which accounts are allowed
|
||||
// to delegate that access to users in the account.
|
||||
// When you create a role, you create two policies: A role trust policy that
|
||||
// specifies who can assume the role and a permissions policy that specifies
|
||||
// what can be done with the role. You specify the trusted principal who is
|
||||
// allowed to assume the role in the role trust policy.
|
||||
//
|
||||
// To assume a role from a different account, your Amazon Web Services account
|
||||
// must be trusted by the role. The trust relationship is defined in the role's
|
||||
// trust policy when the role is created. That trust policy states which accounts
|
||||
// are allowed to delegate that access to users in the account.
|
||||
//
|
||||
// A user who wants to access a role in a different account must also have permissions
|
||||
// that are delegated from the user account administrator. The administrator
|
||||
// must attach a policy that allows the user to call AssumeRole for the ARN
|
||||
// of the role in the other account. If the user is in the same account as the
|
||||
// role, then you can do either of the following:
|
||||
// of the role in the other account.
|
||||
//
|
||||
// * Attach a policy to the user (identical to the previous user in a different
|
||||
// account).
|
||||
// To allow a user to assume a role in the same account, you can do either of
|
||||
// the following:
|
||||
//
|
||||
// * Attach a policy to the user that allows the user to call AssumeRole
|
||||
// (as long as the role's trust policy trusts the account).
|
||||
//
|
||||
// * Add the user as a principal directly in the role's trust policy.
|
||||
//
|
||||
// In this case, the trust policy acts as an IAM resource-based policy. Users
|
||||
// in the same account as the role do not need explicit permission to assume
|
||||
// the role. For more information about trust policies and resource-based policies,
|
||||
// see IAM Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html)
|
||||
// You can do either because the role’s trust policy acts as an IAM resource-based
|
||||
// policy. When a resource-based policy grants access to a principal in the
|
||||
// same account, no additional identity-based policy is required. For more information
|
||||
// about trust policies and resource-based policies, see IAM Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// Tags
|
||||
@ -170,7 +178,7 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o
|
||||
//
|
||||
// You could receive this error even though you meet other defined session policy
|
||||
// and session tag limits. For more information, see IAM and STS Entity Character
|
||||
// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
||||
// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// * ErrCodeRegionDisabledException "RegionDisabledException"
|
||||
@ -258,7 +266,7 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re
|
||||
// Services access without user-specific credentials or configuration. For a
|
||||
// comparison of AssumeRoleWithSAML with the other API operations that produce
|
||||
// temporary credentials, see Requesting Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
|
||||
// and Comparing the STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
|
||||
// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// The temporary security credentials returned by this operation consist of
|
||||
@ -403,7 +411,7 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re
|
||||
//
|
||||
// You could receive this error even though you meet other defined session policy
|
||||
// and session tag limits. For more information, see IAM and STS Entity Character
|
||||
// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
||||
// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// * ErrCodeIDPRejectedClaimException "IDPRejectedClaim"
|
||||
@ -523,7 +531,7 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI
|
||||
// by using a token from the web identity provider. For a comparison of AssumeRoleWithWebIdentity
|
||||
// with the other API operations that produce temporary credentials, see Requesting
|
||||
// Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
|
||||
// and Comparing the STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
|
||||
// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// The temporary security credentials returned by this API consist of an access
|
||||
@ -661,7 +669,7 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI
|
||||
//
|
||||
// You could receive this error even though you meet other defined session policy
|
||||
// and session tag limits. For more information, see IAM and STS Entity Character
|
||||
// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
||||
// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// * ErrCodeIDPRejectedClaimException "IDPRejectedClaim"
|
||||
@ -776,10 +784,11 @@ func (c *STS) DecodeAuthorizationMessageRequest(input *DecodeAuthorizationMessag
|
||||
// code.
|
||||
//
|
||||
// The message is encoded because the details of the authorization status can
|
||||
// constitute privileged information that the user who requested the operation
|
||||
// contain privileged information that the user who requested the operation
|
||||
// should not see. To decode an authorization status message, a user must be
|
||||
// granted permissions via an IAM policy to request the DecodeAuthorizationMessage
|
||||
// (sts:DecodeAuthorizationMessage) action.
|
||||
// granted permissions through an IAM policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html)
|
||||
// to request the DecodeAuthorizationMessage (sts:DecodeAuthorizationMessage)
|
||||
// action.
|
||||
//
|
||||
// The decoded message includes the following type of information:
|
||||
//
|
||||
@ -1065,7 +1074,7 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re
|
||||
// For a comparison of GetFederationToken with the other API operations that
|
||||
// produce temporary credentials, see Requesting Temporary Security Credentials
|
||||
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
|
||||
// and Comparing the STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
|
||||
// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// You can create a mobile-based or browser-based app that can authenticate
|
||||
@ -1088,9 +1097,9 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re
|
||||
//
|
||||
// The temporary credentials are valid for the specified duration, from 900
|
||||
// seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default
|
||||
// session duration is 43,200 seconds (12 hours). Temporary credentials that
|
||||
// are obtained by using Amazon Web Services account root user credentials have
|
||||
// a maximum duration of 3,600 seconds (1 hour).
|
||||
// session duration is 43,200 seconds (12 hours). Temporary credentials obtained
|
||||
// by using the Amazon Web Services account root user credentials have a maximum
|
||||
// duration of 3,600 seconds (1 hour).
|
||||
//
|
||||
// Permissions
|
||||
//
|
||||
@ -1141,63 +1150,6 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re
|
||||
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// You can also call GetFederationToken using the security credentials of an
|
||||
// Amazon Web Services account root user, but we do not recommend it. Instead,
|
||||
// we recommend that you create an IAM user for the purpose of the proxy application.
|
||||
// Then attach a policy to the IAM user that limits federated users to only
|
||||
// the actions and resources that they need to access. For more information,
|
||||
// see IAM Best Practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// Session duration
|
||||
//
|
||||
// The temporary credentials are valid for the specified duration, from 900
|
||||
// seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default
|
||||
// session duration is 43,200 seconds (12 hours). Temporary credentials that
|
||||
// are obtained by using Amazon Web Services account root user credentials have
|
||||
// a maximum duration of 3,600 seconds (1 hour).
|
||||
//
|
||||
// Permissions
|
||||
//
|
||||
// You can use the temporary credentials created by GetFederationToken in any
|
||||
// Amazon Web Services service except the following:
|
||||
//
|
||||
// * You cannot call any IAM operations using the CLI or the Amazon Web Services
|
||||
// API.
|
||||
//
|
||||
// * You cannot call any STS operations except GetCallerIdentity.
|
||||
//
|
||||
// You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
|
||||
// to this operation. You can pass a single JSON policy document to use as an
|
||||
// inline session policy. You can also specify up to 10 managed policies to
|
||||
// use as managed session policies. The plain text that you use for both inline
|
||||
// and managed session policies can't exceed 2,048 characters.
|
||||
//
|
||||
// Though the session policy parameters are optional, if you do not pass a policy,
|
||||
// then the resulting federated user session has no permissions. When you pass
|
||||
// session policies, the session permissions are the intersection of the IAM
|
||||
// user policies and the session policies that you pass. This gives you a way
|
||||
// to further restrict the permissions for a federated user. You cannot use
|
||||
// session policies to grant more permissions than those that are defined in
|
||||
// the permissions policy of the IAM user. For more information, see Session
|
||||
// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
|
||||
// in the IAM User Guide. For information about using GetFederationToken to
|
||||
// create temporary security credentials, see GetFederationToken—Federation
|
||||
// Through a Custom Identity Broker (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken).
|
||||
//
|
||||
// You can use the credentials to access a resource that has a resource-based
|
||||
// policy. If that policy specifically references the federated user session
|
||||
// in the Principal element of the policy, the session has the permissions allowed
|
||||
// by the policy. These permissions are granted in addition to the permissions
|
||||
// granted by the session policies.
|
||||
//
|
||||
// Tags
|
||||
//
|
||||
// (Optional) You can pass tag key-value pairs to your session. These are called
|
||||
// session tags. For more information about session tags, see Passing Session
|
||||
// Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// An administrator must grant you the permissions necessary to pass session
|
||||
// tags. The administrator can also create granular permissions to allow you
|
||||
// to pass only specific session tags. For more information, see Tutorial: Using
|
||||
@ -1234,7 +1186,7 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re
|
||||
//
|
||||
// You could receive this error even though you meet other defined session policy
|
||||
// and session tag limits. For more information, see IAM and STS Entity Character
|
||||
// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
||||
// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// * ErrCodeRegionDisabledException "RegionDisabledException"
|
||||
@ -1323,7 +1275,7 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request.
|
||||
// then the API returns an access denied error. For a comparison of GetSessionToken
|
||||
// with the other API operations that produce temporary credentials, see Requesting
|
||||
// Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
|
||||
// and Comparing the STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
|
||||
// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// Session Duration
|
||||
@ -1404,15 +1356,23 @@ func (c *STS) GetSessionTokenWithContext(ctx aws.Context, input *GetSessionToken
|
||||
type AssumeRoleInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// The duration, in seconds, of the role session. The value specified can can
|
||||
// range from 900 seconds (15 minutes) up to the maximum session duration that
|
||||
// is set for the role. The maximum session duration setting can have a value
|
||||
// from 1 hour to 12 hours. If you specify a value higher than this setting
|
||||
// or the administrator setting (whichever is lower), the operation fails. For
|
||||
// example, if you specify a session duration of 12 hours, but your administrator
|
||||
// set the maximum session duration to 6 hours, your operation fails. To learn
|
||||
// how to view the maximum value for your role, see View the Maximum Session
|
||||
// Duration Setting for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session)
|
||||
// The duration, in seconds, of the role session. The value specified can range
|
||||
// from 900 seconds (15 minutes) up to the maximum session duration set for
|
||||
// the role. The maximum session duration setting can have a value from 1 hour
|
||||
// to 12 hours. If you specify a value higher than this setting or the administrator
|
||||
// setting (whichever is lower), the operation fails. For example, if you specify
|
||||
// a session duration of 12 hours, but your administrator set the maximum session
|
||||
// duration to 6 hours, your operation fails.
|
||||
//
|
||||
// Role chaining limits your Amazon Web Services CLI or Amazon Web Services
|
||||
// API role session to a maximum of one hour. When you use the AssumeRole API
|
||||
// operation to assume a role, you can specify the duration of your role session
|
||||
// with the DurationSeconds parameter. You can specify a parameter value of
|
||||
// up to 43200 seconds (12 hours), depending on the maximum session duration
|
||||
// setting for your role. However, if you assume a role using role chaining
|
||||
// and provide a DurationSeconds parameter value greater than one hour, the
|
||||
// operation fails. To learn how to view the maximum value for your role, see
|
||||
// View the Maximum Session Duration Setting for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// By default, the value is set to 3600 seconds.
|
||||
@ -1422,7 +1382,7 @@ type AssumeRoleInput struct {
|
||||
// to the federation endpoint for a console sign-in token takes a SessionDuration
|
||||
// parameter that specifies the maximum length of the console session. For more
|
||||
// information, see Creating a URL that Enables Federated Users to Access the
|
||||
// Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html)
|
||||
// Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html)
|
||||
// in the IAM User Guide.
|
||||
DurationSeconds *int64 `min:"900" type:"integer"`
|
||||
|
||||
@ -1548,7 +1508,7 @@ type AssumeRoleInput struct {
|
||||
|
||||
// A list of session tags that you want to pass. Each session tag consists of
|
||||
// a key name and an associated value. For more information about session tags,
|
||||
// see Tagging STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
|
||||
// see Tagging Amazon Web Services STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// This parameter is optional. You can pass up to 50 session tags. The plaintext
|
||||
@ -1858,7 +1818,7 @@ type AssumeRoleWithSAMLInput struct {
|
||||
// to the federation endpoint for a console sign-in token takes a SessionDuration
|
||||
// parameter that specifies the maximum length of the console session. For more
|
||||
// information, see Creating a URL that Enables Federated Users to Access the
|
||||
// Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html)
|
||||
// Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html)
|
||||
// in the IAM User Guide.
|
||||
DurationSeconds *int64 `min:"900" type:"integer"`
|
||||
|
||||
@ -2205,7 +2165,7 @@ type AssumeRoleWithWebIdentityInput struct {
|
||||
// to the federation endpoint for a console sign-in token takes a SessionDuration
|
||||
// parameter that specifies the maximum length of the console session. For more
|
||||
// information, see Creating a URL that Enables Federated Users to Access the
|
||||
// Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html)
|
||||
// Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html)
|
||||
// in the IAM User Guide.
|
||||
DurationSeconds *int64 `min:"900" type:"integer"`
|
||||
|
||||
@ -2705,7 +2665,7 @@ func (s *DecodeAuthorizationMessageInput) SetEncodedMessage(v string) *DecodeAut
|
||||
type DecodeAuthorizationMessageOutput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// An XML document that contains the decoded message.
|
||||
// The API returns a response with the decoded message.
|
||||
DecodedMessage *string `type:"string"`
|
||||
}
|
||||
|
||||
@ -3237,8 +3197,8 @@ type GetSessionTokenInput struct {
|
||||
// user has a policy that requires MFA authentication. The value is either the
|
||||
// serial number for a hardware device (such as GAHT12345678) or an Amazon Resource
|
||||
// Name (ARN) for a virtual device (such as arn:aws:iam::123456789012:mfa/user).
|
||||
// You can find the device for an IAM user by going to the Management Console
|
||||
// and viewing the user's security credentials.
|
||||
// You can find the device for an IAM user by going to the Amazon Web Services
|
||||
// Management Console and viewing the user's security credentials.
|
||||
//
|
||||
// The regex used to validate this parameter is a string of characters consisting
|
||||
// of upper- and lower-case alphanumeric characters with no spaces. You can
|
||||
@ -3400,9 +3360,9 @@ func (s *PolicyDescriptorType) SetArn(v string) *PolicyDescriptorType {
|
||||
|
||||
// You can pass custom key-value pair attributes when you assume a role or federate
|
||||
// a user. These are called session tags. You can then use the session tags
|
||||
// to control access to resources. For more information, see Tagging STS Sessions
|
||||
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in
|
||||
// the IAM User Guide.
|
||||
// to control access to resources. For more information, see Tagging Amazon
|
||||
// Web Services STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
|
||||
// in the IAM User Guide.
|
||||
type Tag struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
|
2
vendor/github.com/aws/aws-sdk-go/service/sts/errors.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go/service/sts/errors.go
generated
vendored
@ -67,7 +67,7 @@ const (
|
||||
//
|
||||
// You could receive this error even though you meet other defined session policy
|
||||
// and session tag limits. For more information, see IAM and STS Entity Character
|
||||
// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
||||
// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length)
|
||||
// in the IAM User Guide.
|
||||
ErrCodePackedPolicyTooLargeException = "PackedPolicyTooLarge"
|
||||
|
||||
|
4
vendor/github.com/aws/aws-sdk-go/service/sts/service.go
generated
vendored
4
vendor/github.com/aws/aws-sdk-go/service/sts/service.go
generated
vendored
@ -48,6 +48,10 @@ const (
|
||||
// svc := sts.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
|
||||
func New(p client.ConfigProvider, cfgs ...*aws.Config) *STS {
|
||||
c := p.ClientConfig(EndpointsID, cfgs...)
|
||||
if c.SigningNameDerived || len(c.SigningName) == 0 {
|
||||
c.SigningName = EndpointsID
|
||||
// No Fallback
|
||||
}
|
||||
return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion)
|
||||
}
|
||||
|
||||
|
2
vendor/golang.org/x/net/http2/server.go
generated
vendored
2
vendor/golang.org/x/net/http2/server.go
generated
vendored
@ -722,7 +722,7 @@ func (sc *serverConn) canonicalHeader(v string) string {
|
||||
// maxCachedCanonicalHeaders is an arbitrarily-chosen limit on the number of
|
||||
// entries in the canonHeader cache. This should be larger than the number
|
||||
// of unique, uncommon header keys likely to be sent by the peer, while not
|
||||
// so high as to permit unreaasonable memory usage if the peer sends an unbounded
|
||||
// so high as to permit unreasonable memory usage if the peer sends an unbounded
|
||||
// number of unique header keys.
|
||||
const maxCachedCanonicalHeaders = 32
|
||||
if len(sc.canonHeader) < maxCachedCanonicalHeaders {
|
||||
|
4
vendor/modules.txt
vendored
4
vendor/modules.txt
vendored
@ -8,7 +8,7 @@ github.com/armon/go-metrics
|
||||
# github.com/armon/go-radix v1.0.0
|
||||
## explicit
|
||||
github.com/armon/go-radix
|
||||
# github.com/aws/aws-sdk-go v1.42.7
|
||||
# github.com/aws/aws-sdk-go v1.42.37
|
||||
## explicit; go 1.11
|
||||
github.com/aws/aws-sdk-go/aws
|
||||
github.com/aws/aws-sdk-go/aws/awserr
|
||||
@ -519,7 +519,7 @@ golang.org/x/crypto/poly1305
|
||||
golang.org/x/crypto/scrypt
|
||||
golang.org/x/crypto/ssh
|
||||
golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
|
||||
# golang.org/x/net v0.0.0-20211209124913-491a49abca63
|
||||
# golang.org/x/net v0.0.0-20211216030914-fe4d6282115f
|
||||
## explicit; go 1.17
|
||||
golang.org/x/net/context
|
||||
golang.org/x/net/context/ctxhttp
|
||||
|
Loading…
Reference in New Issue
Block a user