mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-10-19 21:59:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
1025871021
ceph-csi/vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/errors.go
Rakshith R 4f0bb2315b rbd: add aws-sts-metdata encryption type 
With Amazon STS and kubernetes cluster is configured with
OIDC identity provider, credentials to access Amazon KMS
can be fetched using oidc-token(serviceaccount token).
Each tenant/namespace needs to create a secret with aws region,
role and CMK ARN.
Ceph-CSI will assume the given role with oidc token and access
aws KMS, with given CMK to encrypt/decrypt DEK which will stored
in the image metdata.

Refer: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html
Resolves: #2879

Signed-off-by: Rakshith R <rar@redhat.com>
2022-03-16 07:29:56 +00:00

194 lines
6.8 KiB
Go
Raw Blame History

// Code generated by smithy-go-codegen DO NOT EDIT.
package types
import (
"fmt"
smithy "github.com/aws/smithy-go"
)
// The web identity token that was passed is expired or is not valid. Get a new
// identity token from the identity provider and then retry the request.
type ExpiredTokenException struct {
Message *string
noSmithyDocumentSerde
}
func (e *ExpiredTokenException) Error() string {
return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
}
func (e *ExpiredTokenException) ErrorMessage() string {
if e.Message == nil {
return ""
}
return *e.Message
}
func (e *ExpiredTokenException) ErrorCode() string { return "ExpiredTokenException" }
func (e *ExpiredTokenException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
// The request could not be fulfilled because the identity provider (IDP) that was
// asked to verify the incoming identity token could not be reached. This is often
// a transient error caused by network conditions. Retry the request a limited
// number of times so that you don't exceed the request rate. If the error
// persists, the identity provider might be down or not responding.
type IDPCommunicationErrorException struct {
Message *string
noSmithyDocumentSerde
}
func (e *IDPCommunicationErrorException) Error() string {
return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
}
func (e *IDPCommunicationErrorException) ErrorMessage() string {
if e.Message == nil {
return ""
}
return *e.Message
}
func (e *IDPCommunicationErrorException) ErrorCode() string { return "IDPCommunicationError" }
func (e *IDPCommunicationErrorException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
// The identity provider (IdP) reported that authentication failed. This might be
// because the claim is invalid. If this error is returned for the
// AssumeRoleWithWebIdentity operation, it can also mean that the claim has expired
// or has been explicitly revoked.
type IDPRejectedClaimException struct {
Message *string
noSmithyDocumentSerde
}
func (e *IDPRejectedClaimException) Error() string {
return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
}
func (e *IDPRejectedClaimException) ErrorMessage() string {
if e.Message == nil {
return ""
}
return *e.Message
}
func (e *IDPRejectedClaimException) ErrorCode() string { return "IDPRejectedClaim" }
func (e *IDPRejectedClaimException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
// The error returned if the message passed to DecodeAuthorizationMessage was
// invalid. This can happen if the token contains invalid characters, such as
// linebreaks.
type InvalidAuthorizationMessageException struct {
Message *string
noSmithyDocumentSerde
}
func (e *InvalidAuthorizationMessageException) Error() string {
return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
}
func (e *InvalidAuthorizationMessageException) ErrorMessage() string {
if e.Message == nil {
return ""
}
return *e.Message
}
func (e *InvalidAuthorizationMessageException) ErrorCode() string {
return "InvalidAuthorizationMessageException"
}
func (e *InvalidAuthorizationMessageException) ErrorFault() smithy.ErrorFault {
return smithy.FaultClient
}
// The web identity token that was passed could not be validated by Amazon Web
// Services. Get a new identity token from the identity provider and then retry the
// request.
type InvalidIdentityTokenException struct {
Message *string
noSmithyDocumentSerde
}
func (e *InvalidIdentityTokenException) Error() string {
return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
}
func (e *InvalidIdentityTokenException) ErrorMessage() string {
if e.Message == nil {
return ""
}
return *e.Message
}
func (e *InvalidIdentityTokenException) ErrorCode() string { return "InvalidIdentityToken" }
func (e *InvalidIdentityTokenException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
// The request was rejected because the policy document was malformed. The error
// message describes the specific error.
type MalformedPolicyDocumentException struct {
Message *string
noSmithyDocumentSerde
}
func (e *MalformedPolicyDocumentException) Error() string {
return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
}
func (e *MalformedPolicyDocumentException) ErrorMessage() string {
if e.Message == nil {
return ""
}
return *e.Message
}
func (e *MalformedPolicyDocumentException) ErrorCode() string { return "MalformedPolicyDocument" }
func (e *MalformedPolicyDocumentException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
// The request was rejected because the total packed size of the session policies
// and session tags combined was too large. An Amazon Web Services conversion
// compresses the session policy document, session policy ARNs, and session tags
// into a packed binary format that has a separate limit. The error message
// indicates by percentage how close the policies and tags are to the upper size
// limit. For more information, see Passing Session Tags in STS
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in the
// IAM User Guide. You could receive this error even though you meet other defined
// session policy and session tag limits. For more information, see IAM and STS
// Entity Character Limits
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length)
// in the IAM User Guide.
type PackedPolicyTooLargeException struct {
Message *string
noSmithyDocumentSerde
}
func (e *PackedPolicyTooLargeException) Error() string {
return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
}
func (e *PackedPolicyTooLargeException) ErrorMessage() string {
if e.Message == nil {
return ""
}
return *e.Message
}
func (e *PackedPolicyTooLargeException) ErrorCode() string { return "PackedPolicyTooLarge" }
func (e *PackedPolicyTooLargeException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
// STS is not activated in the requested region for the account that is being asked
// to generate credentials. The account administrator must use the IAM console to
// activate STS in that region. For more information, see Activating and
// Deactivating Amazon Web Services STS in an Amazon Web Services Region
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
// in the IAM User Guide.
type RegionDisabledException struct {
Message *string
noSmithyDocumentSerde
}
func (e *RegionDisabledException) Error() string {
return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
}
func (e *RegionDisabledException) ErrorMessage() string {
if e.Message == nil {
return ""
}
return *e.Message
}
func (e *RegionDisabledException) ErrorCode() string { return "RegionDisabledException" }
func (e *RegionDisabledException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
Reference in New Issue View Git Blame Copy Permalink