diff --git a/go.mod b/go.mod index b6c1bfa..12e12a3 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/app-sre/aws-resource-exporter go 1.12 require ( - github.com/aws/aws-sdk-go v1.25.9 + github.com/aws/aws-sdk-go v1.29.2 github.com/golang/protobuf v1.3.3 // indirect github.com/prometheus/client_golang v1.4.1 github.com/prometheus/common v0.9.1 diff --git a/go.sum b/go.sum index add0c09..e44db9c 100644 --- a/go.sum +++ b/go.sum @@ -6,8 +6,8 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf h1:qet1QNfXsQxTZq github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4 h1:Hs82Z41s6SdL1CELW+XaDYmOH4hkBN4/N9og/AsOv7E= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/aws/aws-sdk-go v1.25.9 h1:WtVzerf5wSgPwlTTwl+ktCq/0GCS5MI9ZlLIcjsTr+Q= -github.com/aws/aws-sdk-go v1.25.9/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +github.com/aws/aws-sdk-go v1.29.2 h1:muUfu006FBFvEaDzt4Wq6Ng9E7ufedf8zrB4hmY65QA= +github.com/aws/aws-sdk-go v1.29.2/go.mod h1:1KvfttTE3SPKMpo8g2c6jL3ZKfXtFvKscTgahTma5Xg= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 h1:xJ4a3vCFaGF/jqvzLMYoU8P317H5OQ+Via4RmuPwCS0= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0 h1:HWo1m869IqiPhD389kmkxeTalrjNbbJTC8LXupb+sl0= @@ -26,6 +26,7 @@ github.com/go-logfmt/logfmt v0.3.0 h1:8HUsc87TaSWLKwrnumgC8/YconD2fJQsRJAsWaPg2i github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0 h1:MP4Eh7ZCb31lleYCFuwm0oe4/YGak+5l1vA2NOE80nA= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= +github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/gogo/protobuf v1.1.1 h1:72R+M5VuhED/KujmZVcIquuo8mBgX4oVda//DQb3PXo= @@ -66,6 +67,7 @@ github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRW github.com/pkg/errors v0.8.0 h1:WdK/asTD0HN+q6hsWO3/vpuAkAr+tw6aNJNDFFf0+qw= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_golang v0.9.1 h1:K47Rk0v/fkEfwfQet2KWhscE0cJzjgCCDBG2KHZoVno= @@ -107,6 +109,8 @@ golang.org/x/net v0.0.0-20181114220301-adae6a3d119a h1:gOpx8G595UYyvj8UK4+OFyY4r golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190613194153-d28f0bde5980 h1:dfGZHvZk057jK2MCeWus/TowKpJ8y4AmooUzdBSR9GU= golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2 h1:CCH4IOTTfewWjGOlSp+zGcjutRKlBEZQ6wTn8ozI/nI= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go index 285e54d..a4eb6a7 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go @@ -70,7 +70,7 @@ func rValuesAtPath(v interface{}, path string, createPath, caseSensitive, nilTer value = value.FieldByNameFunc(func(name string) bool { if c == name { return true - } else if !caseSensitive && strings.ToLower(name) == strings.ToLower(c) { + } else if !caseSensitive && strings.EqualFold(name, c) { return true } return false diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/client.go b/vendor/github.com/aws/aws-sdk-go/aws/client/client.go index c022407..03334d6 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/client.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/client.go @@ -12,6 +12,7 @@ import ( type Config struct { Config *aws.Config Handlers request.Handlers + PartitionID string Endpoint string SigningRegion string SigningName string diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go index 0fda425..9f6af19 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go @@ -16,11 +16,11 @@ import ( type DefaultRetryer struct { // Num max Retries is the number of max retries that will be performed. // By default, this is zero. - NumMaxRetries int + NumMaxRetries int // MinRetryDelay is the minimum retry delay after which retry will be performed. // If not set, the value is 0ns. - MinRetryDelay time.Duration + MinRetryDelay time.Duration // MinThrottleRetryDelay is the minimum retry delay when throttled. // If not set, the value is 0ns. @@ -28,7 +28,7 @@ type DefaultRetryer struct { // MaxRetryDelay is the maximum retry delay before which retry must be performed. // If not set, the value is 0ns. - MaxRetryDelay time.Duration + MaxRetryDelay time.Duration // MaxThrottleDelay is the maximum retry delay when throttled. // If not set, the value is 0ns. diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go b/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go index 920e9fd..0c48f72 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go @@ -5,6 +5,7 @@ type ClientInfo struct { ServiceName string ServiceID string APIVersion string + PartitionID string Endpoint string SigningName string SigningRegion string diff --git a/vendor/github.com/aws/aws-sdk-go/aws/config.go b/vendor/github.com/aws/aws-sdk-go/aws/config.go index fd1e240..2def23f 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/config.go @@ -161,6 +161,17 @@ type Config struct { // on GetObject API calls. S3DisableContentMD5Validation *bool + // Set this to `true` to have the S3 service client to use the region specified + // in the ARN, when an ARN is provided as an argument to a bucket parameter. + S3UseARNRegion *bool + + // Set this to `true` to enable the SDK to unmarshal API response header maps to + // normalized lower case map keys. + // + // For example S3's X-Amz-Meta prefixed header will be unmarshaled to lower case + // Metadata member's map keys. The value of the header in the map is unaffected. + LowerCaseHeaderMaps *bool + // Set this to `true` to disable the EC2Metadata client from overriding the // default http.Client's Timeout. This is helpful if you do not want the // EC2Metadata client to create a new http.Client. This options is only @@ -246,6 +257,12 @@ type Config struct { // Disabling this feature is useful when you want to use local endpoints // for testing that do not support the modeled host prefix pattern. DisableEndpointHostPrefix *bool + + // STSRegionalEndpoint will enable regional or legacy endpoint resolving + STSRegionalEndpoint endpoints.STSRegionalEndpoint + + // S3UsEast1RegionalEndpoint will enable regional or legacy endpoint resolving + S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint } // NewConfig returns a new Config pointer that can be chained with builder @@ -379,6 +396,13 @@ func (c *Config) WithS3DisableContentMD5Validation(enable bool) *Config { } +// WithS3UseARNRegion sets a config S3UseARNRegion value and +// returning a Config pointer for chaining +func (c *Config) WithS3UseARNRegion(enable bool) *Config { + c.S3UseARNRegion = &enable + return c +} + // WithUseDualStack sets a config UseDualStack value returning a Config // pointer for chaining. func (c *Config) WithUseDualStack(enable bool) *Config { @@ -420,6 +444,20 @@ func (c *Config) MergeIn(cfgs ...*Config) { } } +// WithSTSRegionalEndpoint will set whether or not to use regional endpoint flag +// when resolving the endpoint for a service +func (c *Config) WithSTSRegionalEndpoint(sre endpoints.STSRegionalEndpoint) *Config { + c.STSRegionalEndpoint = sre + return c +} + +// WithS3UsEast1RegionalEndpoint will set whether or not to use regional endpoint flag +// when resolving the endpoint for a service +func (c *Config) WithS3UsEast1RegionalEndpoint(sre endpoints.S3UsEast1RegionalEndpoint) *Config { + c.S3UsEast1RegionalEndpoint = sre + return c +} + func mergeInConfig(dst *Config, other *Config) { if other == nil { return @@ -493,6 +531,10 @@ func mergeInConfig(dst *Config, other *Config) { dst.S3DisableContentMD5Validation = other.S3DisableContentMD5Validation } + if other.S3UseARNRegion != nil { + dst.S3UseARNRegion = other.S3UseARNRegion + } + if other.UseDualStack != nil { dst.UseDualStack = other.UseDualStack } @@ -520,6 +562,14 @@ func mergeInConfig(dst *Config, other *Config) { if other.DisableEndpointHostPrefix != nil { dst.DisableEndpointHostPrefix = other.DisableEndpointHostPrefix } + + if other.STSRegionalEndpoint != endpoints.UnsetSTSEndpoint { + dst.STSRegionalEndpoint = other.STSRegionalEndpoint + } + + if other.S3UsEast1RegionalEndpoint != endpoints.UnsetS3UsEast1Endpoint { + dst.S3UsEast1RegionalEndpoint = other.S3UsEast1RegionalEndpoint + } } // Copy will return a shallow copy of the Config object. If any additional diff --git a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go index 0c60e61..aa902d7 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go @@ -161,7 +161,7 @@ func handleSendError(r *request.Request, err error) { } // Catch all request errors, and let the default retrier determine // if the error is retryable. - r.Error = awserr.New("RequestError", "send request failed", err) + r.Error = awserr.New(request.ErrCodeRequestError, "send request failed", err) // Override the error with a context canceled error, if that was canceled. ctx := r.Context() diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go index 4af5921..3b16f9c 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go @@ -50,10 +50,11 @@ package credentials import ( "fmt" - "sync" + "sync/atomic" "time" "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/internal/sync/singleflight" ) // AnonymousCredentials is an empty Credential object that can be used as @@ -197,20 +198,19 @@ func (e *Expiry) ExpiresAt() time.Time { // first instance of the credentials Value. All calls to Get() after that // will return the cached credentials Value until IsExpired() returns true. type Credentials struct { - creds Value - forceRefresh bool - - m sync.RWMutex + creds atomic.Value + sf singleflight.Group provider Provider } // NewCredentials returns a pointer to a new Credentials with the provider set. func NewCredentials(provider Provider) *Credentials { - return &Credentials{ - provider: provider, - forceRefresh: true, + c := &Credentials{ + provider: provider, } + c.creds.Store(Value{}) + return c } // Get returns the credentials value, or error if the credentials Value failed @@ -223,30 +223,24 @@ func NewCredentials(provider Provider) *Credentials { // If Credentials.Expire() was called the credentials Value will be force // expired, and the next call to Get() will cause them to be refreshed. func (c *Credentials) Get() (Value, error) { - // Check the cached credentials first with just the read lock. - c.m.RLock() - if !c.isExpired() { - creds := c.creds - c.m.RUnlock() - return creds, nil + if creds := c.creds.Load(); !c.isExpired(creds) { + return creds.(Value), nil } - c.m.RUnlock() - // Credentials are expired need to retrieve the credentials taking the full - // lock. - c.m.Lock() - defer c.m.Unlock() + creds, err, _ := c.sf.Do("", func() (interface{}, error) { + if creds := c.creds.Load(); !c.isExpired(creds) { + return creds.(Value), nil + } - if c.isExpired() { creds, err := c.provider.Retrieve() - if err != nil { - return Value{}, err + if err == nil { + c.creds.Store(creds) } - c.creds = creds - c.forceRefresh = false - } - return c.creds, nil + return creds, err + }) + + return creds.(Value), err } // Expire expires the credentials and forces them to be retrieved on the @@ -255,10 +249,7 @@ func (c *Credentials) Get() (Value, error) { // This will override the Provider's expired state, and force Credentials // to call the Provider's Retrieve(). func (c *Credentials) Expire() { - c.m.Lock() - defer c.m.Unlock() - - c.forceRefresh = true + c.creds.Store(Value{}) } // IsExpired returns if the credentials are no longer valid, and need @@ -267,31 +258,25 @@ func (c *Credentials) Expire() { // If the Credentials were forced to be expired with Expire() this will // reflect that override. func (c *Credentials) IsExpired() bool { - c.m.RLock() - defer c.m.RUnlock() - - return c.isExpired() + return c.isExpired(c.creds.Load()) } // isExpired helper method wrapping the definition of expired credentials. -func (c *Credentials) isExpired() bool { - return c.forceRefresh || c.provider.IsExpired() +func (c *Credentials) isExpired(creds interface{}) bool { + return creds == nil || creds.(Value) == Value{} || c.provider.IsExpired() } // ExpiresAt provides access to the functionality of the Expirer interface of // the underlying Provider, if it supports that interface. Otherwise, it returns // an error. func (c *Credentials) ExpiresAt() (time.Time, error) { - c.m.RLock() - defer c.m.RUnlock() - expirer, ok := c.provider.(Expirer) if !ok { return time.Time{}, awserr.New("ProviderNotExpirer", - fmt.Sprintf("provider %s does not support ExpiresAt()", c.creds.ProviderName), + fmt.Sprintf("provider %s does not support ExpiresAt()", c.creds.Load().(Value).ProviderName), nil) } - if c.forceRefresh { + if c.creds.Load().(Value) == (Value{}) { // set expiration time to the distant past return time.Time{}, nil } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go index 1980c8c..e624836 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go @@ -90,6 +90,7 @@ import ( "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/internal/sdkio" ) const ( @@ -142,7 +143,7 @@ const ( // DefaultBufSize limits buffer size from growing to an enormous // amount due to a faulty process. - DefaultBufSize = 1024 + DefaultBufSize = int(8 * sdkio.KibiByte) // DefaultTimeout default limit on time a process can run. DefaultTimeout = time.Duration(1) * time.Minute diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go index 2e528d1..9f37f44 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go @@ -144,6 +144,13 @@ type AssumeRoleProvider struct { // Session name, if you wish to reuse the credentials elsewhere. RoleSessionName string + // Optional, you can pass tag key-value pairs to your session. These tags are called session tags. + Tags []*sts.Tag + + // A list of keys for session tags that you want to set as transitive. + // If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain. + TransitiveTagKeys []*string + // Expiry duration of the STS credentials. Defaults to 15 minutes if not set. Duration time.Duration @@ -269,10 +276,12 @@ func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) { } jitter := time.Duration(sdkrand.SeededRand.Float64() * p.MaxJitterFrac * float64(p.Duration)) input := &sts.AssumeRoleInput{ - DurationSeconds: aws.Int64(int64((p.Duration - jitter) / time.Second)), - RoleArn: aws.String(p.RoleARN), - RoleSessionName: aws.String(p.RoleSessionName), - ExternalId: p.ExternalID, + DurationSeconds: aws.Int64(int64((p.Duration - jitter) / time.Second)), + RoleArn: aws.String(p.RoleARN), + RoleSessionName: aws.String(p.RoleSessionName), + ExternalId: p.ExternalID, + Tags: p.Tags, + TransitiveTagKeys: p.TransitiveTagKeys, } if p.Policy != nil { input.Policy = p.Policy diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go index c7008d8..835bcd4 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go @@ -66,7 +66,6 @@ func (rep *Reporter) sendAPICallAttemptMetric(r *request.Request) { XAmzRequestID: aws.String(r.RequestID), - AttemptCount: aws.Int(r.RetryCount + 1), AttemptLatency: aws.Int(int(now.Sub(r.AttemptTime).Nanoseconds() / int64(time.Millisecond))), AccessKey: aws.String(creds.AccessKeyID), } @@ -90,7 +89,7 @@ func getMetricException(err awserr.Error) metricException { code := err.Code() switch code { - case "RequestError", + case request.ErrCodeRequestError, request.ErrCodeSerialization, request.CanceledErrorCode: return sdkException{ diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go index d126764..12897ee 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go @@ -4,6 +4,7 @@ import ( "encoding/json" "fmt" "net/http" + "strconv" "strings" "time" @@ -12,8 +13,41 @@ import ( "github.com/aws/aws-sdk-go/internal/sdkuri" ) +// getToken uses the duration to return a token for EC2 metadata service, +// or an error if the request failed. +func (c *EC2Metadata) getToken(duration time.Duration) (tokenOutput, error) { + op := &request.Operation{ + Name: "GetToken", + HTTPMethod: "PUT", + HTTPPath: "/api/token", + } + + var output tokenOutput + req := c.NewRequest(op, nil, &output) + + // remove the fetch token handler from the request handlers to avoid infinite recursion + req.Handlers.Sign.RemoveByName(fetchTokenHandlerName) + + // Swap the unmarshalMetadataHandler with unmarshalTokenHandler on this request. + req.Handlers.Unmarshal.Swap(unmarshalMetadataHandlerName, unmarshalTokenHandler) + + ttl := strconv.FormatInt(int64(duration/time.Second), 10) + req.HTTPRequest.Header.Set(ttlHeader, ttl) + + err := req.Send() + + // Errors with bad request status should be returned. + if err != nil { + err = awserr.NewRequestFailure( + awserr.New(req.HTTPResponse.Status, http.StatusText(req.HTTPResponse.StatusCode), err), + req.HTTPResponse.StatusCode, req.RequestID) + } + + return output, err +} + // GetMetadata uses the path provided to request information from the EC2 -// instance metdata service. The content will be returned as a string, or +// instance metadata service. The content will be returned as a string, or // error if the request failed. func (c *EC2Metadata) GetMetadata(p string) (string, error) { op := &request.Operation{ @@ -21,11 +55,11 @@ func (c *EC2Metadata) GetMetadata(p string) (string, error) { HTTPMethod: "GET", HTTPPath: sdkuri.PathJoin("/meta-data", p), } - output := &metadataOutput{} + req := c.NewRequest(op, nil, output) - err := req.Send() + err := req.Send() return output.Content, err } @@ -41,13 +75,8 @@ func (c *EC2Metadata) GetUserData() (string, error) { output := &metadataOutput{} req := c.NewRequest(op, nil, output) - req.Handlers.UnmarshalError.PushBack(func(r *request.Request) { - if r.HTTPResponse.StatusCode == http.StatusNotFound { - r.Error = awserr.New("NotFoundError", "user-data not found", r.Error) - } - }) - err := req.Send() + err := req.Send() return output.Content, err } @@ -63,8 +92,8 @@ func (c *EC2Metadata) GetDynamicData(p string) (string, error) { output := &metadataOutput{} req := c.NewRequest(op, nil, output) - err := req.Send() + err := req.Send() return output.Content, err } @@ -116,17 +145,17 @@ func (c *EC2Metadata) IAMInfo() (EC2IAMInfo, error) { // Region returns the region the instance is running in. func (c *EC2Metadata) Region() (string, error) { - resp, err := c.GetMetadata("placement/availability-zone") + ec2InstanceIdentityDocument, err := c.GetInstanceIdentityDocument() if err != nil { return "", err } - - if len(resp) == 0 { - return "", awserr.New("EC2MetadataError", "invalid Region response", nil) + // extract region from the ec2InstanceIdentityDocument + region := ec2InstanceIdentityDocument.Region + if len(region) == 0 { + return "", awserr.New("EC2MetadataError", "invalid region received for ec2metadata instance", nil) } - - // returns region without the suffix. Eg: us-west-2a becomes us-west-2 - return resp[:len(resp)-1], nil + // returns region + return region, nil } // Available returns if the application has access to the EC2 Metadata service. diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go index 4c5636e..b8b2940 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go @@ -13,6 +13,7 @@ import ( "io" "net/http" "os" + "strconv" "strings" "time" @@ -24,9 +25,25 @@ import ( "github.com/aws/aws-sdk-go/aws/request" ) -// ServiceName is the name of the service. -const ServiceName = "ec2metadata" -const disableServiceEnvVar = "AWS_EC2_METADATA_DISABLED" +const ( + // ServiceName is the name of the service. + ServiceName = "ec2metadata" + disableServiceEnvVar = "AWS_EC2_METADATA_DISABLED" + + // Headers for Token and TTL + ttlHeader = "x-aws-ec2-metadata-token-ttl-seconds" + tokenHeader = "x-aws-ec2-metadata-token" + + // Named Handler constants + fetchTokenHandlerName = "FetchTokenHandler" + unmarshalMetadataHandlerName = "unmarshalMetadataHandler" + unmarshalTokenHandlerName = "unmarshalTokenHandler" + enableTokenProviderHandlerName = "enableTokenProviderHandler" + + // TTL constants + defaultTTL = 21600 * time.Second + ttlExpirationWindow = 30 * time.Second +) // A EC2Metadata is an EC2 Metadata service Client. type EC2Metadata struct { @@ -63,8 +80,10 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio // use a shorter timeout than default because the metadata // service is local if it is running, and to fail faster // if not running on an ec2 instance. - Timeout: 5 * time.Second, + Timeout: 1 * time.Second, } + // max number of retries on the client operation + cfg.MaxRetries = aws.Int(2) } svc := &EC2Metadata{ @@ -80,13 +99,27 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio ), } - svc.Handlers.Unmarshal.PushBack(unmarshalHandler) + // token provider instance + tp := newTokenProvider(svc, defaultTTL) + + // NamedHandler for fetching token + svc.Handlers.Sign.PushBackNamed(request.NamedHandler{ + Name: fetchTokenHandlerName, + Fn: tp.fetchTokenHandler, + }) + // NamedHandler for enabling token provider + svc.Handlers.Complete.PushBackNamed(request.NamedHandler{ + Name: enableTokenProviderHandlerName, + Fn: tp.enableTokenProviderHandler, + }) + + svc.Handlers.Unmarshal.PushBackNamed(unmarshalHandler) svc.Handlers.UnmarshalError.PushBack(unmarshalError) svc.Handlers.Validate.Clear() svc.Handlers.Validate.PushBack(validateEndpointHandler) // Disable the EC2 Metadata service if the environment variable is set. - // This shortcirctes the service's functionality to always fail to send + // This short-circuits the service's functionality to always fail to send // requests. if strings.ToLower(os.Getenv(disableServiceEnvVar)) == "true" { svc.Handlers.Send.SwapNamed(request.NamedHandler{ @@ -107,7 +140,6 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio for _, option := range opts { option(svc.Client) } - return svc } @@ -119,30 +151,74 @@ type metadataOutput struct { Content string } -func unmarshalHandler(r *request.Request) { - defer r.HTTPResponse.Body.Close() - b := &bytes.Buffer{} - if _, err := io.Copy(b, r.HTTPResponse.Body); err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata response", err) - return - } +type tokenOutput struct { + Token string + TTL time.Duration +} - if data, ok := r.Data.(*metadataOutput); ok { - data.Content = b.String() - } +// unmarshal token handler is used to parse the response of a getToken operation +var unmarshalTokenHandler = request.NamedHandler{ + Name: unmarshalTokenHandlerName, + Fn: func(r *request.Request) { + defer r.HTTPResponse.Body.Close() + var b bytes.Buffer + if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil { + r.Error = awserr.NewRequestFailure(awserr.New(request.ErrCodeSerialization, + "unable to unmarshal EC2 metadata response", err), r.HTTPResponse.StatusCode, r.RequestID) + return + } + + v := r.HTTPResponse.Header.Get(ttlHeader) + data, ok := r.Data.(*tokenOutput) + if !ok { + return + } + + data.Token = b.String() + // TTL is in seconds + i, err := strconv.ParseInt(v, 10, 64) + if err != nil { + r.Error = awserr.NewRequestFailure(awserr.New(request.ParamFormatErrCode, + "unable to parse EC2 token TTL response", err), r.HTTPResponse.StatusCode, r.RequestID) + return + } + t := time.Duration(i) * time.Second + data.TTL = t + }, +} + +var unmarshalHandler = request.NamedHandler{ + Name: unmarshalMetadataHandlerName, + Fn: func(r *request.Request) { + defer r.HTTPResponse.Body.Close() + var b bytes.Buffer + if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil { + r.Error = awserr.NewRequestFailure(awserr.New(request.ErrCodeSerialization, + "unable to unmarshal EC2 metadata response", err), r.HTTPResponse.StatusCode, r.RequestID) + return + } + + if data, ok := r.Data.(*metadataOutput); ok { + data.Content = b.String() + } + }, } func unmarshalError(r *request.Request) { defer r.HTTPResponse.Body.Close() - b := &bytes.Buffer{} - if _, err := io.Copy(b, r.HTTPResponse.Body); err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata error response", err) + var b bytes.Buffer + + if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil { + r.Error = awserr.NewRequestFailure( + awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata error response", err), + r.HTTPResponse.StatusCode, r.RequestID) return } // Response body format is not consistent between metadata endpoints. // Grab the error message as a string and include that as the source error - r.Error = awserr.New("EC2MetadataError", "failed to make EC2Metadata request", errors.New(b.String())) + r.Error = awserr.NewRequestFailure(awserr.New("EC2MetadataError", "failed to make EC2Metadata request", errors.New(b.String())), + r.HTTPResponse.StatusCode, r.RequestID) } func validateEndpointHandler(r *request.Request) { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go new file mode 100644 index 0000000..663372a --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go @@ -0,0 +1,92 @@ +package ec2metadata + +import ( + "net/http" + "sync/atomic" + "time" + + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/request" +) + +// A tokenProvider struct provides access to EC2Metadata client +// and atomic instance of a token, along with configuredTTL for it. +// tokenProvider also provides an atomic flag to disable the +// fetch token operation. +// The disabled member will use 0 as false, and 1 as true. +type tokenProvider struct { + client *EC2Metadata + token atomic.Value + configuredTTL time.Duration + disabled uint32 +} + +// A ec2Token struct helps use of token in EC2 Metadata service ops +type ec2Token struct { + token string + credentials.Expiry +} + +// newTokenProvider provides a pointer to a tokenProvider instance +func newTokenProvider(c *EC2Metadata, duration time.Duration) *tokenProvider { + return &tokenProvider{client: c, configuredTTL: duration} +} + +// fetchTokenHandler fetches token for EC2Metadata service client by default. +func (t *tokenProvider) fetchTokenHandler(r *request.Request) { + + // short-circuits to insecure data flow if tokenProvider is disabled. + if v := atomic.LoadUint32(&t.disabled); v == 1 { + return + } + + if ec2Token, ok := t.token.Load().(ec2Token); ok && !ec2Token.IsExpired() { + r.HTTPRequest.Header.Set(tokenHeader, ec2Token.token) + return + } + + output, err := t.client.getToken(t.configuredTTL) + + if err != nil { + + // change the disabled flag on token provider to true, + // when error is request timeout error. + if requestFailureError, ok := err.(awserr.RequestFailure); ok { + switch requestFailureError.StatusCode() { + case http.StatusForbidden, http.StatusNotFound, http.StatusMethodNotAllowed: + atomic.StoreUint32(&t.disabled, 1) + case http.StatusBadRequest: + r.Error = requestFailureError + } + + // Check if request timed out while waiting for response + if e, ok := requestFailureError.OrigErr().(awserr.Error); ok { + if e.Code() == request.ErrCodeRequestError { + atomic.StoreUint32(&t.disabled, 1) + } + } + } + return + } + + newToken := ec2Token{ + token: output.Token, + } + newToken.SetExpiration(time.Now().Add(output.TTL), ttlExpirationWindow) + t.token.Store(newToken) + + // Inject token header to the request. + if ec2Token, ok := t.token.Load().(ec2Token); ok { + r.HTTPRequest.Header.Set(tokenHeader, ec2Token.token) + } +} + +// enableTokenProviderHandler enables the token provider +func (t *tokenProvider) enableTokenProviderHandler(r *request.Request) { + // If the error code status is 401, we enable the token provider + if e, ok := r.Error.(awserr.RequestFailure); ok && e != nil && + e.StatusCode() == http.StatusUnauthorized { + atomic.StoreUint32(&t.disabled, 0) + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go index 87b9ff3..343a210 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go @@ -83,6 +83,7 @@ func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (Resol p := &ps[i] custAddEC2Metadata(p) custAddS3DualStack(p) + custRegionalS3(p) custRmIotDataService(p) custFixAppAutoscalingChina(p) custFixAppAutoscalingUsGov(p) @@ -100,6 +101,33 @@ func custAddS3DualStack(p *partition) { custAddDualstack(p, "s3-control") } +func custRegionalS3(p *partition) { + if p.ID != "aws" { + return + } + + service, ok := p.Services["s3"] + if !ok { + return + } + + // If global endpoint already exists no customization needed. + if _, ok := service.Endpoints["aws-global"]; ok { + return + } + + service.PartitionEndpoint = "aws-global" + service.Endpoints["us-east-1"] = endpoint{} + service.Endpoints["aws-global"] = endpoint{ + Hostname: "s3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + } + + p.Services["s3"] = service +} + func custAddDualstack(p *partition, svcName string) { s, ok := p.Services[svcName] if !ok { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index 91596fa..8b030eb 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -169,7 +169,7 @@ var awsPartition = partition{ "us-east-1": endpoint{}, }, }, - "acm": service{ + "access-analyzer": service{ Endpoints: endpoints{ "ap-east-1": endpoint{}, @@ -192,6 +192,59 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "acm": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "ca-central-1-fips": endpoint{ + Hostname: "acm-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "acm-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "acm-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "acm-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "acm-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, "acm-pca": service{ Defaults: endpoint{ Protocols: []string{"https"}, @@ -209,10 +262,42 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "acm-pca-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "acm-pca-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "acm-pca-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "acm-pca-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "acm-pca-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "api.ecr": service{ @@ -366,6 +451,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ @@ -422,11 +508,7 @@ var awsPartition = partition{ }, "application-autoscaling": service{ Defaults: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com", Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "application-autoscaling", - }, }, Endpoints: endpoints{ "ap-east-1": endpoint{}, @@ -459,8 +541,12 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -521,8 +607,12 @@ var awsPartition = partition{ "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -553,11 +643,7 @@ var awsPartition = partition{ }, "autoscaling-plans": service{ Defaults: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com", Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "autoscaling-plans", - }, }, Endpoints: endpoints{ "ap-northeast-1": endpoint{}, @@ -578,14 +664,20 @@ var awsPartition = partition{ "backup": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -662,9 +754,15 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-2": endpoint{}, @@ -756,6 +854,7 @@ var awsPartition = partition{ "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -850,6 +949,7 @@ var awsPartition = partition{ "codecommit": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -867,11 +967,12 @@ var awsPartition = partition{ Region: "ca-central-1", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "codedeploy": service{ @@ -1014,6 +1115,9 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, @@ -1064,8 +1168,10 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-west-2": endpoint{}, }, @@ -1089,6 +1195,22 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "dataexchange": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "datapipeline": service{ Endpoints: endpoints{ @@ -1102,12 +1224,15 @@ var awsPartition = partition{ "datasync": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -1136,6 +1261,7 @@ var awsPartition = partition{ }, }, "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -1151,6 +1277,8 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1190,7 +1318,8 @@ var awsPartition = partition{ "discovery": service{ Endpoints: endpoints{ - "us-west-2": endpoint{}, + "eu-central-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "dms": service{ @@ -1231,12 +1360,30 @@ var awsPartition = partition{ Region: "ap-northeast-2", }, }, + "ap-south-1": endpoint{ + Hostname: "rds.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + "ap-southeast-1": endpoint{ + Hostname: "rds.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, "ap-southeast-2": endpoint{ Hostname: "rds.ap-southeast-2.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-southeast-2", }, }, + "ca-central-1": endpoint{ + Hostname: "rds.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, "eu-central-1": endpoint{ Hostname: "rds.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ @@ -1255,6 +1402,12 @@ var awsPartition = partition{ Region: "eu-west-2", }, }, + "eu-west-3": endpoint{ + Hostname: "rds.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, "us-east-1": endpoint{ Hostname: "rds.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -1278,6 +1431,7 @@ var awsPartition = partition{ "ds": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1288,6 +1442,7 @@ var awsPartition = partition{ "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1471,6 +1626,7 @@ var awsPartition = partition{ "elasticfilesystem": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1478,9 +1634,12 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -1643,6 +1802,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1657,17 +1817,45 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, + "forecast": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "forecastquery": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "fsx": service{ Endpoints: endpoints{ @@ -1773,8 +1961,10 @@ var awsPartition = partition{ "groundstation": service{ Endpoints: endpoints{ - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "eu-north-1": endpoint{}, + "me-south-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, }, }, "guardduty": service{ @@ -1920,9 +2110,12 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-2": endpoint{}, @@ -1937,6 +2130,18 @@ var awsPartition = partition{ Region: "ap-northeast-1", }, }, + "ap-northeast-2": endpoint{ + Hostname: "data.iotevents.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + "ap-southeast-1": endpoint{ + Hostname: "data.iotevents.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, "ap-southeast-2": endpoint{ Hostname: "data.iotevents.ap-southeast-2.amazonaws.com", CredentialScope: credentialScope{ @@ -1955,6 +2160,12 @@ var awsPartition = partition{ Region: "eu-west-1", }, }, + "eu-west-2": endpoint{ + Hostname: "data.iotevents.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, "us-east-1": endpoint{ Hostname: "data.iotevents.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -1975,6 +2186,29 @@ var awsPartition = partition{ }, }, }, + "iotsecuredtunneling": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "iotthingsgraph": service{ Defaults: endpoint{ CredentialScope: credentialScope{ @@ -1993,18 +2227,23 @@ var awsPartition = partition{ "kafka": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -2034,16 +2273,20 @@ var awsPartition = partition{ "kinesisanalytics": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-2": endpoint{}, @@ -2052,11 +2295,20 @@ var awsPartition = partition{ "kinesisvideo": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, + "us-east-2": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -2087,9 +2339,17 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -2196,6 +2456,7 @@ var awsPartition = partition{ "mediaconnect": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2244,8 +2505,11 @@ var awsPartition = partition{ "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, + "us-east-2": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -2310,7 +2574,8 @@ var awsPartition = partition{ "mgh": service{ Endpoints: endpoints{ - "us-west-2": endpoint{}, + "eu-central-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "mobileanalytics": service{ @@ -2326,9 +2591,10 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "monitoring": service{ @@ -2359,6 +2625,7 @@ var awsPartition = partition{ "mq": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2366,13 +2633,40 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "mq-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "mq-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "mq-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "mq-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "mturk-requester": service{ @@ -2418,6 +2712,12 @@ var awsPartition = partition{ Region: "ap-southeast-2", }, }, + "ca-central-1": endpoint{ + Hostname: "rds.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, "eu-central-1": endpoint{ Hostname: "rds.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ @@ -2442,6 +2742,12 @@ var awsPartition = partition{ Region: "eu-west-2", }, }, + "me-south-1": endpoint{ + Hostname: "rds.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, "us-east-1": endpoint{ Hostname: "rds.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -2462,6 +2768,65 @@ var awsPartition = partition{ }, }, }, + "oidc": service{ + + Endpoints: endpoints{ + "ap-southeast-1": endpoint{ + Hostname: "oidc.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + "ap-southeast-2": endpoint{ + Hostname: "oidc.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + "ca-central-1": endpoint{ + Hostname: "oidc.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "eu-central-1": endpoint{ + Hostname: "oidc.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + "eu-west-1": endpoint{ + Hostname: "oidc.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + "eu-west-2": endpoint{ + Hostname: "oidc.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + "us-east-1": endpoint{ + Hostname: "oidc.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{ + Hostname: "oidc.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-2": endpoint{ + Hostname: "oidc.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, "opsworks": service{ Endpoints: endpoints{ @@ -2509,6 +2874,27 @@ var awsPartition = partition{ }, }, }, + "outposts": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "pinpoint": service{ Defaults: endpoint{ CredentialScope: credentialScope{ @@ -2520,13 +2906,36 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "pinpoint-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "pinpoint-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "us-east-1": endpoint{ + Hostname: "pinpoint.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-west-2": endpoint{ + Hostname: "pinpoint.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "polly": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2538,6 +2947,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2545,6 +2955,65 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "portal.sso": service{ + + Endpoints: endpoints{ + "ap-southeast-1": endpoint{ + Hostname: "portal.sso.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + "ap-southeast-2": endpoint{ + Hostname: "portal.sso.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + "ca-central-1": endpoint{ + Hostname: "portal.sso.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "eu-central-1": endpoint{ + Hostname: "portal.sso.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + "eu-west-1": endpoint{ + Hostname: "portal.sso.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + "eu-west-2": endpoint{ + Hostname: "portal.sso.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + "us-east-1": endpoint{ + Hostname: "portal.sso.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{ + Hostname: "portal.sso.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-2": endpoint{ + Hostname: "portal.sso.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, "projects.iot1click": service{ Endpoints: endpoints{ @@ -2561,6 +3030,10 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2570,6 +3043,7 @@ var awsPartition = partition{ "ram": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2581,6 +3055,8 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -2735,6 +3211,7 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2742,6 +3219,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -2758,9 +3236,10 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "runtime.sagemaker": service{ @@ -2778,6 +3257,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ @@ -2810,7 +3290,7 @@ var awsPartition = partition{ }, }, "s3": service{ - PartitionEndpoint: "us-east-1", + PartitionEndpoint: "aws-global", IsRegionalized: boxedTrue, Defaults: endpoint{ Protocols: []string{"http", "https"}, @@ -2835,6 +3315,13 @@ var awsPartition = partition{ Hostname: "s3.ap-southeast-2.amazonaws.com", SignatureVersions: []string{"s3", "s3v4"}, }, + "aws-global": endpoint{ + Hostname: "s3.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, @@ -2857,7 +3344,7 @@ var awsPartition = partition{ SignatureVersions: []string{"s3", "s3v4"}, }, "us-east-1": endpoint{ - Hostname: "s3.amazonaws.com", + Hostname: "s3.us-east-1.amazonaws.com", SignatureVersions: []string{"s3", "s3v4"}, }, "us-east-2": endpoint{}, @@ -3022,6 +3509,29 @@ var awsPartition = partition{ }, }, }, + "savingsplans": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-global": endpoint{ + Hostname: "savingsplans.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + }, + }, + "schemas": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "sdb": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, @@ -3043,6 +3553,7 @@ var awsPartition = partition{ "secretsmanager": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -3054,6 +3565,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ @@ -3113,6 +3625,9 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{ + Protocols: []string{"https"}, + }, "ap-northeast-1": endpoint{ Protocols: []string{"https"}, }, @@ -3146,6 +3661,9 @@ var awsPartition = partition{ "eu-west-3": endpoint{ Protocols: []string{"https"}, }, + "me-south-1": endpoint{ + Protocols: []string{"https"}, + }, "sa-east-1": endpoint{ Protocols: []string{"https"}, }, @@ -3235,6 +3753,10 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -3506,44 +4028,29 @@ var awsPartition = partition{ }, "sts": service{ PartitionEndpoint: "aws-global", - Defaults: endpoint{ - Hostname: "sts.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, + Endpoints: endpoints{ - "ap-east-1": endpoint{ - Hostname: "sts.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{ - Hostname: "sts.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, + "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, - "aws-global": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{ - Hostname: "sts.me-south-1.amazonaws.com", + "aws-global": endpoint{ + Hostname: "sts.amazonaws.com", CredentialScope: credentialScope{ - Region: "me-south-1", + Region: "us-east-1", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ Hostname: "sts-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -3631,6 +4138,41 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "transcribe": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "transcribestreaming": service{ + + Endpoints: endpoints{ + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "transfer": service{ Endpoints: endpoints{ @@ -3657,13 +4199,18 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ Hostname: "translate-fips.us-east-1.amazonaws.com", @@ -3678,6 +4225,7 @@ var awsPartition = partition{ Region: "us-east-2", }, }, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, "us-west-2-fips": endpoint{ Hostname: "translate-fips.us-west-2.amazonaws.com", @@ -3839,17 +4387,25 @@ var awscnPartition = partition{ }, "application-autoscaling": service{ Defaults: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com.cn", Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "application-autoscaling", - }, }, Endpoints: endpoints{ "cn-north-1": endpoint{}, "cn-northwest-1": endpoint{}, }, }, + "appsync": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + }, + }, + "athena": service{ + + Endpoints: endpoints{ + "cn-northwest-1": endpoint{}, + }, + }, "autoscaling": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, @@ -3859,6 +4415,13 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "batch": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "cloudformation": service{ Endpoints: endpoints{ @@ -3914,6 +4477,12 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "dax": service{ + + Endpoints: endpoints{ + "cn-northwest-1": endpoint{}, + }, + }, "directconnect": service{ Endpoints: endpoints{ @@ -3985,6 +4554,13 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "elasticfilesystem": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "elasticloadbalancing": service{ Defaults: endpoint{ Protocols: []string{"https"}, @@ -4039,6 +4615,12 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "glue": service{ + + Endpoints: endpoints{ + "cn-northwest-1": endpoint{}, + }, + }, "greengrass": service{ IsRegionalized: boxedTrue, Defaults: endpoint{ @@ -4048,6 +4630,13 @@ var awscnPartition = partition{ "cn-north-1": endpoint{}, }, }, + "health": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "iam": service{ PartitionEndpoint: "aws-cn-global", IsRegionalized: boxedFalse, @@ -4127,6 +4716,17 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "neptune": service{ + + Endpoints: endpoints{ + "cn-northwest-1": endpoint{ + Hostname: "rds.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, "polly": service{ Endpoints: endpoints{ @@ -4179,6 +4779,26 @@ var awscnPartition = partition{ }, }, }, + "secretsmanager": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, + "serverlessrepo": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "cn-north-1": endpoint{ + Protocols: []string{"https"}, + }, + "cn-northwest-1": endpoint{ + Protocols: []string{"https"}, + }, + }, + }, "sms": service{ Endpoints: endpoints{ @@ -4228,7 +4848,8 @@ var awscnPartition = partition{ "storagegateway": service{ Endpoints: endpoints{ - "cn-north-1": endpoint{}, + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, }, }, "streams.dynamodb": service{ @@ -4271,6 +4892,38 @@ var awscnPartition = partition{ }, "tagging": service{ + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, + "transcribe": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "cn-north-1": endpoint{ + Hostname: "cn.transcribe.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + "cn-northwest-1": endpoint{ + Hostname: "cn.transcribe.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "workspaces": service{ + + Endpoints: endpoints{ + "cn-northwest-1": endpoint{}, + }, + }, + "xray": service{ + Endpoints: endpoints{ "cn-north-1": endpoint{}, "cn-northwest-1": endpoint{}, @@ -4308,6 +4961,13 @@ var awsusgovPartition = partition{ }, }, Services: services{ + "access-analyzer": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "acm": service{ Endpoints: endpoints{ @@ -4356,7 +5016,8 @@ var awsusgovPartition = partition{ }, "application-autoscaling": service{ Defaults: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com", + Hostname: "autoscaling.{region}.amazonaws.com", + Protocols: []string{"http", "https"}, CredentialScope: credentialScope{ Service: "application-autoscaling", }, @@ -4366,6 +5027,23 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "appstream2": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + CredentialScope: credentialScope{ + Service: "appstream", + }, + }, + Endpoints: endpoints{ + "fips": endpoint{ + Hostname: "appstream2-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{}, + }, + }, "athena": service{ Endpoints: endpoints{ @@ -4382,6 +5060,22 @@ var awsusgovPartition = partition{ }, }, }, + "autoscaling-plans": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, + "batch": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "clouddirectory": service{ Endpoints: endpoints{ @@ -4460,6 +5154,12 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "comprehendmedical": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, "config": service{ Endpoints: endpoints{ @@ -4476,6 +5176,7 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, @@ -4567,6 +5268,7 @@ var awsusgovPartition = partition{ "elasticfilesystem": service{ Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, @@ -4845,6 +5547,13 @@ var awsusgovPartition = partition{ }, }, }, + "route53resolver": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "runtime.sagemaker": service{ Endpoints: endpoints{ @@ -4911,6 +5620,13 @@ var awsusgovPartition = partition{ "secretsmanager": service{ Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-east-1-fips": endpoint{ + Hostname: "secretsmanager-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{}, "us-gov-west-1-fips": endpoint{ Hostname: "secretsmanager-fips.us-gov-west-1.amazonaws.com", @@ -5028,6 +5744,18 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "support": service{ + PartitionEndpoint: "aws-us-gov-global", + + Endpoints: endpoints{ + "aws-us-gov-global": endpoint{ + Hostname: "support.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "swf": service{ Endpoints: endpoints{ @@ -5042,6 +5770,15 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "transcribe": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "translate": service{ Defaults: endpoint{ Protocols: []string{"https"}, @@ -5108,13 +5845,21 @@ var awsisoPartition = partition{ }, }, }, + "api.sagemaker": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "apigateway": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, "application-autoscaling": service{ Defaults: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com", Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "application-autoscaling", - }, }, Endpoints: endpoints{ "us-iso-east-1": endpoint{}, @@ -5323,6 +6068,12 @@ var awsisoPartition = partition{ }, }, }, + "runtime.sagemaker": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, "s3": service{ Defaults: endpoint{ SignatureVersions: []string{"s3v4"}, @@ -5436,11 +6187,7 @@ var awsisobPartition = partition{ Services: services{ "application-autoscaling": service{ Defaults: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com", Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "application-autoscaling", - }, }, Endpoints: endpoints{ "us-isob-east-1": endpoint{}, diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go index 9c936be..ca956e5 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go @@ -3,6 +3,7 @@ package endpoints import ( "fmt" "regexp" + "strings" "github.com/aws/aws-sdk-go/aws/awserr" ) @@ -46,6 +47,108 @@ type Options struct { // // This option is ignored if StrictMatching is enabled. ResolveUnknownService bool + + // STS Regional Endpoint flag helps with resolving the STS endpoint + STSRegionalEndpoint STSRegionalEndpoint + + // S3 Regional Endpoint flag helps with resolving the S3 endpoint + S3UsEast1RegionalEndpoint S3UsEast1RegionalEndpoint +} + +// STSRegionalEndpoint is an enum for the states of the STS Regional Endpoint +// options. +type STSRegionalEndpoint int + +func (e STSRegionalEndpoint) String() string { + switch e { + case LegacySTSEndpoint: + return "legacy" + case RegionalSTSEndpoint: + return "regional" + case UnsetSTSEndpoint: + return "" + default: + return "unknown" + } +} + +const ( + + // UnsetSTSEndpoint represents that STS Regional Endpoint flag is not specified. + UnsetSTSEndpoint STSRegionalEndpoint = iota + + // LegacySTSEndpoint represents when STS Regional Endpoint flag is specified + // to use legacy endpoints. + LegacySTSEndpoint + + // RegionalSTSEndpoint represents when STS Regional Endpoint flag is specified + // to use regional endpoints. + RegionalSTSEndpoint +) + +// GetSTSRegionalEndpoint function returns the STSRegionalEndpointFlag based +// on the input string provided in env config or shared config by the user. +// +// `legacy`, `regional` are the only case-insensitive valid strings for +// resolving the STS regional Endpoint flag. +func GetSTSRegionalEndpoint(s string) (STSRegionalEndpoint, error) { + switch { + case strings.EqualFold(s, "legacy"): + return LegacySTSEndpoint, nil + case strings.EqualFold(s, "regional"): + return RegionalSTSEndpoint, nil + default: + return UnsetSTSEndpoint, fmt.Errorf("unable to resolve the value of STSRegionalEndpoint for %v", s) + } +} + +// S3UsEast1RegionalEndpoint is an enum for the states of the S3 us-east-1 +// Regional Endpoint options. +type S3UsEast1RegionalEndpoint int + +func (e S3UsEast1RegionalEndpoint) String() string { + switch e { + case LegacyS3UsEast1Endpoint: + return "legacy" + case RegionalS3UsEast1Endpoint: + return "regional" + case UnsetS3UsEast1Endpoint: + return "" + default: + return "unknown" + } +} + +const ( + + // UnsetS3UsEast1Endpoint represents that S3 Regional Endpoint flag is not + // specified. + UnsetS3UsEast1Endpoint S3UsEast1RegionalEndpoint = iota + + // LegacyS3UsEast1Endpoint represents when S3 Regional Endpoint flag is + // specified to use legacy endpoints. + LegacyS3UsEast1Endpoint + + // RegionalS3UsEast1Endpoint represents when S3 Regional Endpoint flag is + // specified to use regional endpoints. + RegionalS3UsEast1Endpoint +) + +// GetS3UsEast1RegionalEndpoint function returns the S3UsEast1RegionalEndpointFlag based +// on the input string provided in env config or shared config by the user. +// +// `legacy`, `regional` are the only case-insensitive valid strings for +// resolving the S3 regional Endpoint flag. +func GetS3UsEast1RegionalEndpoint(s string) (S3UsEast1RegionalEndpoint, error) { + switch { + case strings.EqualFold(s, "legacy"): + return LegacyS3UsEast1Endpoint, nil + case strings.EqualFold(s, "regional"): + return RegionalS3UsEast1Endpoint, nil + default: + return UnsetS3UsEast1Endpoint, + fmt.Errorf("unable to resolve the value of S3UsEast1RegionalEndpoint for %v", s) + } } // Set combines all of the option functions together. @@ -79,6 +182,12 @@ func ResolveUnknownServiceOption(o *Options) { o.ResolveUnknownService = true } +// STSRegionalEndpointOption enables the STS endpoint resolver behavior to resolve +// STS endpoint to their regional endpoint, instead of the global endpoint. +func STSRegionalEndpointOption(o *Options) { + o.STSRegionalEndpoint = RegionalSTSEndpoint +} + // A Resolver provides the interface for functionality to resolve endpoints. // The build in Partition and DefaultResolver return value satisfy this interface. type Resolver interface { @@ -194,7 +303,7 @@ func (p Partition) ID() string { return p.id } // require the provided service and region to be known by the partition. // If the endpoint cannot be strictly resolved an error will be returned. This // mode is useful to ensure the endpoint resolved is valid. Without -// StrictMatching enabled the endpoint returned my look valid but may not work. +// StrictMatching enabled the endpoint returned may look valid but may not work. // StrictMatching requires the SDK to be updated if you want to take advantage // of new regions and services expansions. // @@ -208,7 +317,7 @@ func (p Partition) EndpointFor(service, region string, opts ...func(*Options)) ( // Regions returns a map of Regions indexed by their ID. This is useful for // enumerating over the regions in a partition. func (p Partition) Regions() map[string]Region { - rs := map[string]Region{} + rs := make(map[string]Region, len(p.p.Regions)) for id, r := range p.p.Regions { rs[id] = Region{ id: id, @@ -223,7 +332,7 @@ func (p Partition) Regions() map[string]Region { // Services returns a map of Service indexed by their ID. This is useful for // enumerating over the services in a partition. func (p Partition) Services() map[string]Service { - ss := map[string]Service{} + ss := make(map[string]Service, len(p.p.Services)) for id := range p.p.Services { ss[id] = Service{ id: id, @@ -310,7 +419,7 @@ func (s Service) Regions() map[string]Region { // A region is the AWS region the service exists in. Whereas a Endpoint is // an URL that can be resolved to a instance of a service. func (s Service) Endpoints() map[string]Endpoint { - es := map[string]Endpoint{} + es := make(map[string]Endpoint, len(s.p.Services[s.id].Endpoints)) for id := range s.p.Services[s.id].Endpoints { es[id] = Endpoint{ id: id, @@ -350,6 +459,9 @@ type ResolvedEndpoint struct { // The endpoint URL URL string + // The endpoint partition + PartitionID string + // The region that should be used for signing requests. SigningRegion string diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/legacy_regions.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/legacy_regions.go new file mode 100644 index 0000000..df75e89 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/legacy_regions.go @@ -0,0 +1,24 @@ +package endpoints + +var legacyGlobalRegions = map[string]map[string]struct{}{ + "sts": { + "ap-northeast-1": {}, + "ap-south-1": {}, + "ap-southeast-1": {}, + "ap-southeast-2": {}, + "ca-central-1": {}, + "eu-central-1": {}, + "eu-north-1": {}, + "eu-west-1": {}, + "eu-west-2": {}, + "eu-west-3": {}, + "sa-east-1": {}, + "us-east-1": {}, + "us-east-2": {}, + "us-west-1": {}, + "us-west-2": {}, + }, + "s3": { + "us-east-1": {}, + }, +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go index 523ad79..eb2ac83 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go @@ -75,24 +75,56 @@ func (p partition) canResolveEndpoint(service, region string, strictMatch bool) return p.RegionRegex.MatchString(region) } +func allowLegacyEmptyRegion(service string) bool { + legacy := map[string]struct{}{ + "budgets": {}, + "ce": {}, + "chime": {}, + "cloudfront": {}, + "ec2metadata": {}, + "iam": {}, + "importexport": {}, + "organizations": {}, + "route53": {}, + "sts": {}, + "support": {}, + "waf": {}, + } + + _, allowed := legacy[service] + return allowed +} + func (p partition) EndpointFor(service, region string, opts ...func(*Options)) (resolved ResolvedEndpoint, err error) { var opt Options opt.Set(opts...) s, hasService := p.Services[service] - if !(hasService || opt.ResolveUnknownService) { + if len(service) == 0 || !(hasService || opt.ResolveUnknownService) { // Only return error if the resolver will not fallback to creating // endpoint based on service endpoint ID passed in. return resolved, NewUnknownServiceError(p.ID, service, serviceList(p.Services)) } + if len(region) == 0 && allowLegacyEmptyRegion(service) && len(s.PartitionEndpoint) != 0 { + region = s.PartitionEndpoint + } + + if (service == "sts" && opt.STSRegionalEndpoint != RegionalSTSEndpoint) || + (service == "s3" && opt.S3UsEast1RegionalEndpoint != RegionalS3UsEast1Endpoint) { + if _, ok := legacyGlobalRegions[service][region]; ok { + region = "aws-global" + } + } + e, hasEndpoint := s.endpointForRegion(region) - if !hasEndpoint && opt.StrictMatching { + if len(region) == 0 || (!hasEndpoint && opt.StrictMatching) { return resolved, NewUnknownEndpointError(p.ID, service, region, endpointList(s.Endpoints)) } defs := []endpoint{p.Defaults, s.Defaults} - return e.resolve(service, region, p.DNSSuffix, defs, opt), nil + + return e.resolve(service, p.ID, region, p.DNSSuffix, defs, opt), nil } func serviceList(ss services) []string { @@ -201,7 +233,7 @@ func getByPriority(s []string, p []string, def string) string { return s[0] } -func (e endpoint) resolve(service, region, dnsSuffix string, defs []endpoint, opts Options) ResolvedEndpoint { +func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs []endpoint, opts Options) ResolvedEndpoint { var merged endpoint for _, def := range defs { merged.mergeIn(def) @@ -209,11 +241,23 @@ func (e endpoint) resolve(service, region, dnsSuffix string, defs []endpoint, op merged.mergeIn(e) e = merged - hostname := e.Hostname + signingRegion := e.CredentialScope.Region + if len(signingRegion) == 0 { + signingRegion = region + } + signingName := e.CredentialScope.Service + var signingNameDerived bool + if len(signingName) == 0 { + signingName = service + signingNameDerived = true + } + + hostname := e.Hostname // Offset the hostname for dualstack if enabled if opts.UseDualStack && e.HasDualStack == boxedTrue { hostname = e.DualStackHostname + region = signingRegion } u := strings.Replace(hostname, "{service}", service, 1) @@ -223,20 +267,9 @@ func (e endpoint) resolve(service, region, dnsSuffix string, defs []endpoint, op scheme := getEndpointScheme(e.Protocols, opts.DisableSSL) u = fmt.Sprintf("%s://%s", scheme, u) - signingRegion := e.CredentialScope.Region - if len(signingRegion) == 0 { - signingRegion = region - } - - signingName := e.CredentialScope.Service - var signingNameDerived bool - if len(signingName) == 0 { - signingName = service - signingNameDerived = true - } - return ResolvedEndpoint{ URL: u, + PartitionID: partitionID, SigningRegion: signingRegion, SigningName: signingName, SigningNameDerived: signingNameDerived, diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go b/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go index 185b073..e819ab6 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go @@ -10,6 +10,7 @@ import ( type Handlers struct { Validate HandlerList Build HandlerList + BuildStream HandlerList Sign HandlerList Send HandlerList ValidateResponse HandlerList @@ -28,6 +29,7 @@ func (h *Handlers) Copy() Handlers { return Handlers{ Validate: h.Validate.copy(), Build: h.Build.copy(), + BuildStream: h.BuildStream.copy(), Sign: h.Sign.copy(), Send: h.Send.copy(), ValidateResponse: h.ValidateResponse.copy(), @@ -46,6 +48,7 @@ func (h *Handlers) Copy() Handlers { func (h *Handlers) Clear() { h.Validate.Clear() h.Build.Clear() + h.BuildStream.Clear() h.Send.Clear() h.Sign.Clear() h.Unmarshal.Clear() @@ -67,6 +70,9 @@ func (h *Handlers) IsEmpty() bool { if h.Build.Len() != 0 { return false } + if h.BuildStream.Len() != 0 { + return false + } if h.Send.Len() != 0 { return false } @@ -320,3 +326,18 @@ func MakeAddToUserAgentFreeFormHandler(s string) func(*Request) { AddToUserAgent(r, s) } } + +// WithSetRequestHeaders updates the operation request's HTTP header to contain +// the header key value pairs provided. If the header key already exists in the +// request's HTTP header set, the existing value(s) will be replaced. +func WithSetRequestHeaders(h map[string]string) Option { + return withRequestHeader(h).SetRequestHeaders +} + +type withRequestHeader map[string]string + +func (h withRequestHeader) SetRequestHeaders(r *Request) { + for k, v := range h { + r.HTTPRequest.Header[k] = []string{v} + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request.go index 8e332cc..d597c6e 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/request.go @@ -36,6 +36,10 @@ const ( // API request that was canceled. Requests given a aws.Context may // return this error when canceled. CanceledErrorCode = "RequestCanceled" + + // ErrCodeRequestError is an error preventing the SDK from continuing to + // process the request. + ErrCodeRequestError = "RequestError" ) // A Request is the service request to be made. @@ -51,6 +55,7 @@ type Request struct { HTTPRequest *http.Request HTTPResponse *http.Response Body io.ReadSeeker + streamingBody io.ReadCloser BodyStart int64 // offset from beginning of Body that the request body starts Params interface{} Error error @@ -99,8 +104,12 @@ type Operation struct { BeforePresignFn func(r *Request) error } -// New returns a new Request pointer for the service API -// operation and parameters. +// New returns a new Request pointer for the service API operation and +// parameters. +// +// A Retryer should be provided to direct how the request is retried. If +// Retryer is nil, a default no retry value will be used. You can use +// NoOpRetryer in the Client package to disable retry behavior directly. // // Params is any value of input parameters to be the request payload. // Data is pointer value to an object which the request's response @@ -108,6 +117,10 @@ type Operation struct { func New(cfg aws.Config, clientInfo metadata.ClientInfo, handlers Handlers, retryer Retryer, operation *Operation, params interface{}, data interface{}) *Request { + if retryer == nil { + retryer = noOpRetryer{} + } + method := operation.HTTPMethod if method == "" { method = "POST" @@ -122,8 +135,6 @@ func New(cfg aws.Config, clientInfo metadata.ClientInfo, handlers Handlers, err = awserr.New("InvalidEndpointURL", "invalid endpoint uri", err) } - SanitizeHostForHeader(httpReq) - r := &Request{ Config: cfg, ClientInfo: clientInfo, @@ -287,6 +298,13 @@ func (r *Request) SetReaderBody(reader io.ReadSeeker) { r.ResetBody() } +// SetStreamingBody set the reader to be used for the request that will stream +// bytes to the server. Request's Body must not be set to any reader. +func (r *Request) SetStreamingBody(reader io.ReadCloser) { + r.streamingBody = reader + r.SetReaderBody(aws.ReadSeekCloser(reader)) +} + // Presign returns the request's signed URL. Error will be returned // if the signing fails. The expire parameter is only used for presigned Amazon // S3 API requests. All other AWS services will use a fixed expiration @@ -406,11 +424,17 @@ func (r *Request) Sign() error { return r.Error } + SanitizeHostForHeader(r.HTTPRequest) + r.Handlers.Sign.Run(r) return r.Error } func (r *Request) getNextRequestBody() (body io.ReadCloser, err error) { + if r.streamingBody != nil { + return r.streamingBody, nil + } + if r.safeBody != nil { r.safeBody.Close() } @@ -615,6 +639,10 @@ func getHost(r *http.Request) string { return r.Host } + if r.URL == nil { + return "" + } + return r.URL.Host } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go index f093fc5..64784e1 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go @@ -17,11 +17,13 @@ import ( // does the pagination between API operations, and Paginator defines the // configuration that will be used per page request. // -// cont := true -// for p.Next() && cont { +// for p.Next() { // data := p.Page().(*s3.ListObjectsOutput) // // process the page's data +// // ... +// // break out of loop to stop fetching additional pages // } +// // return p.Err() // // See service client API operation Pages methods for examples how the SDK will diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go index e84084d..752ae47 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go @@ -35,16 +35,47 @@ type Retryer interface { } // WithRetryer sets a Retryer value to the given Config returning the Config -// value for chaining. +// value for chaining. The value must not be nil. func WithRetryer(cfg *aws.Config, retryer Retryer) *aws.Config { + if retryer == nil { + if cfg.Logger != nil { + cfg.Logger.Log("ERROR: Request.WithRetryer called with nil retryer. Replacing with retry disabled Retryer.") + } + retryer = noOpRetryer{} + } cfg.Retryer = retryer return cfg + +} + +// noOpRetryer is a internal no op retryer used when a request is created +// without a retryer. +// +// Provides a retryer that performs no retries. +// It should be used when we do not want retries to be performed. +type noOpRetryer struct{} + +// MaxRetries returns the number of maximum returns the service will use to make +// an individual API; For NoOpRetryer the MaxRetries will always be zero. +func (d noOpRetryer) MaxRetries() int { + return 0 +} + +// ShouldRetry will always return false for NoOpRetryer, as it should never retry. +func (d noOpRetryer) ShouldRetry(_ *Request) bool { + return false +} + +// RetryRules returns the delay duration before retrying this request again; +// since NoOpRetryer does not retry, RetryRules always returns 0. +func (d noOpRetryer) RetryRules(_ *Request) time.Duration { + return 0 } // retryableCodes is a collection of service response codes which are retry-able // without any further action. var retryableCodes = map[string]struct{}{ - "RequestError": {}, + ErrCodeRequestError: {}, "RequestTimeout": {}, ErrCodeResponseTimeout: {}, "RequestTimeoutException": {}, // Glacier's flavor of RequestTimeout @@ -52,6 +83,7 @@ var retryableCodes = map[string]struct{}{ var throttleCodes = map[string]struct{}{ "ProvisionedThroughputExceededException": {}, + "ThrottledException": {}, // SNS, XRay, ResourceGroupsTagging API "Throttling": {}, "ThrottlingException": {}, "RequestLimitExceeded": {}, @@ -60,6 +92,7 @@ var throttleCodes = map[string]struct{}{ "TooManyRequestsException": {}, // Lambda functions "PriorRequestNotComplete": {}, // Route53 "TransactionInProgressException": {}, + "EC2ThrottledException": {}, // EC2 } // credsExpiredCodes is a collection of error codes which signify the credentials @@ -145,8 +178,8 @@ func shouldRetryError(origErr error) bool { origErr := err.OrigErr() var shouldRetry bool if origErr != nil { - shouldRetry := shouldRetryError(origErr) - if err.Code() == "RequestError" && !shouldRetry { + shouldRetry = shouldRetryError(origErr) + if err.Code() == ErrCodeRequestError && !shouldRetry { return false } } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go index 7713ccf..cc64e24 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go @@ -47,10 +47,10 @@ func resolveCredentials(cfg *aws.Config, } // WebIdentityEmptyRoleARNErr will occur if 'AWS_WEB_IDENTITY_TOKEN_FILE' was set but -// 'AWS_IAM_ROLE_ARN' was not set. +// 'AWS_ROLE_ARN' was not set. var WebIdentityEmptyRoleARNErr = awserr.New(stscreds.ErrCodeWebIdentity, "role ARN is not set", nil) -// WebIdentityEmptyTokenFilePathErr will occur if 'AWS_IAM_ROLE_ARN' was set but +// WebIdentityEmptyTokenFilePathErr will occur if 'AWS_ROLE_ARN' was set but // 'AWS_WEB_IDENTITY_TOKEN_FILE' was not set. var WebIdentityEmptyTokenFilePathErr = awserr.New(stscreds.ErrCodeWebIdentity, "token file path is not set", nil) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go index 60a6f9c..c1e0e9c 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go @@ -1,12 +1,15 @@ package session import ( + "fmt" "os" "strconv" + "strings" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/aws/defaults" + "github.com/aws/aws-sdk-go/aws/endpoints" ) // EnvProviderName provides a name of the provider when config is loaded from environment. @@ -125,6 +128,26 @@ type envConfig struct { // // AWS_ROLE_SESSION_NAME=session_name RoleSessionName string + + // Specifies the STS Regional Endpoint flag for the SDK to resolve the endpoint + // for a service. + // + // AWS_STS_REGIONAL_ENDPOINTS=regional + // This can take value as `regional` or `legacy` + STSRegionalEndpoint endpoints.STSRegionalEndpoint + + // Specifies the S3 Regional Endpoint flag for the SDK to resolve the + // endpoint for a service. + // + // AWS_S3_US_EAST_1_REGIONAL_ENDPOINT=regional + // This can take value as `regional` or `legacy` + S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint + + // Specifies if the S3 service should allow ARNs to direct the region + // the client's requests are sent to. + // + // AWS_S3_USE_ARN_REGION=true + S3UseARNRegion bool } var ( @@ -179,6 +202,15 @@ var ( roleSessionNameEnvKey = []string{ "AWS_ROLE_SESSION_NAME", } + stsRegionalEndpointKey = []string{ + "AWS_STS_REGIONAL_ENDPOINTS", + } + s3UsEast1RegionalEndpoint = []string{ + "AWS_S3_US_EAST_1_REGIONAL_ENDPOINT", + } + s3UseARNRegionEnvKey = []string{ + "AWS_S3_USE_ARN_REGION", + } ) // loadEnvConfig retrieves the SDK's environment configuration. @@ -187,7 +219,7 @@ var ( // If the environment variable `AWS_SDK_LOAD_CONFIG` is set to a truthy value // the shared SDK config will be loaded in addition to the SDK's specific // configuration values. -func loadEnvConfig() envConfig { +func loadEnvConfig() (envConfig, error) { enableSharedConfig, _ := strconv.ParseBool(os.Getenv("AWS_SDK_LOAD_CONFIG")) return envConfigLoad(enableSharedConfig) } @@ -198,11 +230,11 @@ func loadEnvConfig() envConfig { // Loads the shared configuration in addition to the SDK's specific configuration. // This will load the same values as `loadEnvConfig` if the `AWS_SDK_LOAD_CONFIG` // environment variable is set. -func loadSharedEnvConfig() envConfig { +func loadSharedEnvConfig() (envConfig, error) { return envConfigLoad(true) } -func envConfigLoad(enableSharedConfig bool) envConfig { +func envConfigLoad(enableSharedConfig bool) (envConfig, error) { cfg := envConfig{} cfg.EnableSharedConfig = enableSharedConfig @@ -264,12 +296,48 @@ func envConfigLoad(enableSharedConfig bool) envConfig { cfg.CustomCABundle = os.Getenv("AWS_CA_BUNDLE") - return cfg + var err error + // STS Regional Endpoint variable + for _, k := range stsRegionalEndpointKey { + if v := os.Getenv(k); len(v) != 0 { + cfg.STSRegionalEndpoint, err = endpoints.GetSTSRegionalEndpoint(v) + if err != nil { + return cfg, fmt.Errorf("failed to load, %v from env config, %v", k, err) + } + } + } + + // S3 Regional Endpoint variable + for _, k := range s3UsEast1RegionalEndpoint { + if v := os.Getenv(k); len(v) != 0 { + cfg.S3UsEast1RegionalEndpoint, err = endpoints.GetS3UsEast1RegionalEndpoint(v) + if err != nil { + return cfg, fmt.Errorf("failed to load, %v from env config, %v", k, err) + } + } + } + + var s3UseARNRegion string + setFromEnvVal(&s3UseARNRegion, s3UseARNRegionEnvKey) + if len(s3UseARNRegion) != 0 { + switch { + case strings.EqualFold(s3UseARNRegion, "false"): + cfg.S3UseARNRegion = false + case strings.EqualFold(s3UseARNRegion, "true"): + cfg.S3UseARNRegion = true + default: + return envConfig{}, fmt.Errorf( + "invalid value for environment variable, %s=%s, need true or false", + s3UseARNRegionEnvKey[0], s3UseARNRegion) + } + } + + return cfg, nil } func setFromEnvVal(dst *string, keys []string) { for _, k := range keys { - if v := os.Getenv(k); len(v) > 0 { + if v := os.Getenv(k); len(v) != 0 { *dst = v break } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go index 7b0a942..0ff4996 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go @@ -73,7 +73,7 @@ type Session struct { // func is called instead of waiting to receive an error until a request is made. func New(cfgs ...*aws.Config) *Session { // load initial config from environment - envCfg := loadEnvConfig() + envCfg, envErr := loadEnvConfig() if envCfg.EnableSharedConfig { var cfg aws.Config @@ -93,17 +93,17 @@ func New(cfgs ...*aws.Config) *Session { // Session creation failed, need to report the error and prevent // any requests from succeeding. s = &Session{Config: defaults.Config()} - s.Config.MergeIn(cfgs...) - s.Config.Logger.Log("ERROR:", msg, "Error:", err) - s.Handlers.Validate.PushBack(func(r *request.Request) { - r.Error = err - }) + s.logDeprecatedNewSessionError(msg, err, cfgs) } return s } s := deprecatedNewSession(cfgs...) + if envErr != nil { + msg := "failed to load env config" + s.logDeprecatedNewSessionError(msg, envErr, cfgs) + } if csmCfg, err := loadCSMConfig(envCfg, []string{}); err != nil { if l := s.Config.Logger; l != nil { @@ -112,11 +112,8 @@ func New(cfgs ...*aws.Config) *Session { } else if csmCfg.Enabled { err := enableCSM(&s.Handlers, csmCfg, s.Config.Logger) if err != nil { - err = fmt.Errorf("failed to enable CSM, %v", err) - s.Config.Logger.Log("ERROR:", err.Error()) - s.Handlers.Validate.PushBack(func(r *request.Request) { - r.Error = err - }) + msg := "failed to enable CSM" + s.logDeprecatedNewSessionError(msg, err, cfgs) } } @@ -279,10 +276,17 @@ type Options struct { // })) func NewSessionWithOptions(opts Options) (*Session, error) { var envCfg envConfig + var err error if opts.SharedConfigState == SharedConfigEnable { - envCfg = loadSharedEnvConfig() + envCfg, err = loadSharedEnvConfig() + if err != nil { + return nil, fmt.Errorf("failed to load shared config, %v", err) + } } else { - envCfg = loadEnvConfig() + envCfg, err = loadEnvConfig() + if err != nil { + return nil, fmt.Errorf("failed to load environment config, %v", err) + } } if len(opts.Profile) != 0 { @@ -550,6 +554,22 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config, } } + // Regional Endpoint flag for STS endpoint resolving + mergeSTSRegionalEndpointConfig(cfg, []endpoints.STSRegionalEndpoint{ + userCfg.STSRegionalEndpoint, + envCfg.STSRegionalEndpoint, + sharedCfg.STSRegionalEndpoint, + endpoints.LegacySTSEndpoint, + }) + + // Regional Endpoint flag for S3 endpoint resolving + mergeS3UsEast1RegionalEndpointConfig(cfg, []endpoints.S3UsEast1RegionalEndpoint{ + userCfg.S3UsEast1RegionalEndpoint, + envCfg.S3UsEast1RegionalEndpoint, + sharedCfg.S3UsEast1RegionalEndpoint, + endpoints.LegacyS3UsEast1Endpoint, + }) + // Configure credentials if not already set by the user when creating the // Session. if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil { @@ -560,9 +580,35 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config, cfg.Credentials = creds } + cfg.S3UseARNRegion = userCfg.S3UseARNRegion + if cfg.S3UseARNRegion == nil { + cfg.S3UseARNRegion = &envCfg.S3UseARNRegion + } + if cfg.S3UseARNRegion == nil { + cfg.S3UseARNRegion = &sharedCfg.S3UseARNRegion + } + return nil } +func mergeSTSRegionalEndpointConfig(cfg *aws.Config, values []endpoints.STSRegionalEndpoint) { + for _, v := range values { + if v != endpoints.UnsetSTSEndpoint { + cfg.STSRegionalEndpoint = v + break + } + } +} + +func mergeS3UsEast1RegionalEndpointConfig(cfg *aws.Config, values []endpoints.S3UsEast1RegionalEndpoint) { + for _, v := range values { + if v != endpoints.UnsetS3UsEast1Endpoint { + cfg.S3UsEast1RegionalEndpoint = v + break + } + } +} + func initHandlers(s *Session) { // Add the Validate parameter handler if it is not disabled. s.Handlers.Validate.Remove(corehandlers.ValidateParametersHandler) @@ -591,47 +637,67 @@ func (s *Session) Copy(cfgs ...*aws.Config) *Session { // ClientConfig satisfies the client.ConfigProvider interface and is used to // configure the service client instances. Passing the Session to the service // client's constructor (New) will use this method to configure the client. -func (s *Session) ClientConfig(serviceName string, cfgs ...*aws.Config) client.Config { - // Backwards compatibility, the error will be eaten if user calls ClientConfig - // directly. All SDK services will use ClientconfigWithError. - cfg, _ := s.clientConfigWithErr(serviceName, cfgs...) - - return cfg -} - -func (s *Session) clientConfigWithErr(serviceName string, cfgs ...*aws.Config) (client.Config, error) { +func (s *Session) ClientConfig(service string, cfgs ...*aws.Config) client.Config { s = s.Copy(cfgs...) - var resolved endpoints.ResolvedEndpoint - var err error - region := aws.StringValue(s.Config.Region) - - if endpoint := aws.StringValue(s.Config.Endpoint); len(endpoint) != 0 { - resolved.URL = endpoints.AddScheme(endpoint, aws.BoolValue(s.Config.DisableSSL)) - resolved.SigningRegion = region - } else { - resolved, err = s.Config.EndpointResolver.EndpointFor( - serviceName, region, - func(opt *endpoints.Options) { - opt.DisableSSL = aws.BoolValue(s.Config.DisableSSL) - opt.UseDualStack = aws.BoolValue(s.Config.UseDualStack) - - // Support the condition where the service is modeled but its - // endpoint metadata is not available. - opt.ResolveUnknownService = true - }, - ) + resolved, err := s.resolveEndpoint(service, region, s.Config) + if err != nil { + s.Handlers.Validate.PushBack(func(r *request.Request) { + if len(r.ClientInfo.Endpoint) != 0 { + // Error occurred while resolving endpoint, but the request + // being invoked has had an endpoint specified after the client + // was created. + return + } + r.Error = err + }) } return client.Config{ Config: s.Config, Handlers: s.Handlers, + PartitionID: resolved.PartitionID, Endpoint: resolved.URL, SigningRegion: resolved.SigningRegion, SigningNameDerived: resolved.SigningNameDerived, SigningName: resolved.SigningName, - }, err + } +} + +func (s *Session) resolveEndpoint(service, region string, cfg *aws.Config) (endpoints.ResolvedEndpoint, error) { + + if ep := aws.StringValue(cfg.Endpoint); len(ep) != 0 { + return endpoints.ResolvedEndpoint{ + URL: endpoints.AddScheme(ep, aws.BoolValue(cfg.DisableSSL)), + SigningRegion: region, + }, nil + } + + resolved, err := cfg.EndpointResolver.EndpointFor(service, region, + func(opt *endpoints.Options) { + opt.DisableSSL = aws.BoolValue(cfg.DisableSSL) + opt.UseDualStack = aws.BoolValue(cfg.UseDualStack) + // Support for STSRegionalEndpoint where the STSRegionalEndpoint is + // provided in envConfig or sharedConfig with envConfig getting + // precedence. + opt.STSRegionalEndpoint = cfg.STSRegionalEndpoint + + // Support for S3UsEast1RegionalEndpoint where the S3UsEast1RegionalEndpoint is + // provided in envConfig or sharedConfig with envConfig getting + // precedence. + opt.S3UsEast1RegionalEndpoint = cfg.S3UsEast1RegionalEndpoint + + // Support the condition where the service is modeled but its + // endpoint metadata is not available. + opt.ResolveUnknownService = true + }, + ) + if err != nil { + return endpoints.ResolvedEndpoint{}, err + } + + return resolved, nil } // ClientConfigNoResolveEndpoint is the same as ClientConfig with the exception @@ -641,12 +707,9 @@ func (s *Session) ClientConfigNoResolveEndpoint(cfgs ...*aws.Config) client.Conf s = s.Copy(cfgs...) var resolved endpoints.ResolvedEndpoint - - region := aws.StringValue(s.Config.Region) - if ep := aws.StringValue(s.Config.Endpoint); len(ep) > 0 { resolved.URL = endpoints.AddScheme(ep, aws.BoolValue(s.Config.DisableSSL)) - resolved.SigningRegion = region + resolved.SigningRegion = aws.StringValue(s.Config.Region) } return client.Config{ @@ -658,3 +721,14 @@ func (s *Session) ClientConfigNoResolveEndpoint(cfgs ...*aws.Config) client.Conf SigningName: resolved.SigningName, } } + +// logDeprecatedNewSessionError function enables error handling for session +func (s *Session) logDeprecatedNewSessionError(msg string, err error, cfgs []*aws.Config) { + // Session creation failed, need to report the error and prevent + // any requests from succeeding. + s.Config.MergeIn(cfgs...) + s.Config.Logger.Log("ERROR:", msg, "Error:", err) + s.Handlers.Validate.PushBack(func(r *request.Request) { + r.Error = err + }) +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go index d91ac93..a8ed880 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go @@ -5,6 +5,7 @@ import ( "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/endpoints" "github.com/aws/aws-sdk-go/internal/ini" ) @@ -40,10 +41,19 @@ const ( // Web Identity Token File webIdentityTokenFileKey = `web_identity_token_file` // optional + // Additional config fields for regional or legacy endpoints + stsRegionalEndpointSharedKey = `sts_regional_endpoints` + + // Additional config fields for regional or legacy endpoints + s3UsEast1RegionalSharedKey = `s3_us_east_1_regional_endpoint` + // DefaultSharedConfigProfile is the default profile to be used when // loading configuration from the config files if another profile name // is not provided. DefaultSharedConfigProfile = `default` + + // S3 ARN Region Usage + s3UseARNRegionKey = "s3_use_arn_region" ) // sharedConfig represents the configuration fields of the SDK config files. @@ -88,6 +98,24 @@ type sharedConfig struct { CSMHost string CSMPort string CSMClientID string + + // Specifies the Regional Endpoint flag for the SDK to resolve the endpoint for a service + // + // sts_regional_endpoints = regional + // This can take value as `LegacySTSEndpoint` or `RegionalSTSEndpoint` + STSRegionalEndpoint endpoints.STSRegionalEndpoint + + // Specifies the Regional Endpoint flag for the SDK to resolve the endpoint for a service + // + // s3_us_east_1_regional_endpoint = regional + // This can take value as `LegacyS3UsEast1Endpoint` or `RegionalS3UsEast1Endpoint` + S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint + + // Specifies if the S3 service should allow ARNs to direct the region + // the client's requests are sent to. + // + // s3_use_arn_region=true + S3UseARNRegion bool } type sharedConfigFile struct { @@ -244,8 +272,25 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e updateString(&cfg.RoleSessionName, section, roleSessionNameKey) updateString(&cfg.SourceProfileName, section, sourceProfileKey) updateString(&cfg.CredentialSource, section, credentialSourceKey) - updateString(&cfg.Region, section, regionKey) + + if v := section.String(stsRegionalEndpointSharedKey); len(v) != 0 { + sre, err := endpoints.GetSTSRegionalEndpoint(v) + if err != nil { + return fmt.Errorf("failed to load %s from shared config, %s, %v", + stsRegionalEndpointSharedKey, file.Filename, err) + } + cfg.STSRegionalEndpoint = sre + } + + if v := section.String(s3UsEast1RegionalSharedKey); len(v) != 0 { + sre, err := endpoints.GetS3UsEast1RegionalEndpoint(v) + if err != nil { + return fmt.Errorf("failed to load %s from shared config, %s, %v", + s3UsEast1RegionalSharedKey, file.Filename, err) + } + cfg.S3UsEast1RegionalEndpoint = sre + } } updateString(&cfg.CredentialProcess, section, credentialProcessKey) @@ -271,6 +316,8 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e updateString(&cfg.CSMPort, section, csmPortKey) updateString(&cfg.CSMClientID, section, csmClientIDKey) + updateBool(&cfg.S3UseARNRegion, section, s3UseARNRegionKey) + return nil } @@ -363,6 +410,15 @@ func updateString(dst *string, section ini.Section, key string) { *dst = section.String(key) } +// updateBool will only update the dst with the value in the section key, key +// is present in the section. +func updateBool(dst *bool, section ini.Section, key string) { + if !section.Has(key) { + return + } + *dst = section.Bool(key) +} + // updateBoolPtr will only update the dst with the value in the section key, // key is present in the section. func updateBoolPtr(dst **bool, section ini.Section, key string) { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go index 244c86d..07ea799 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go @@ -1,8 +1,7 @@ package v4 import ( - "net/http" - "strings" + "github.com/aws/aws-sdk-go/internal/strings" ) // validator houses a set of rule needed for validation of a @@ -61,7 +60,7 @@ type patterns []string // been found func (p patterns) IsValid(value string) bool { for _, pattern := range p { - if strings.HasPrefix(http.CanonicalHeaderKey(value), pattern) { + if strings.HasPrefixFold(value, pattern) { return true } } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/stream.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/stream.go new file mode 100644 index 0000000..02cbd97 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/stream.go @@ -0,0 +1,63 @@ +package v4 + +import ( + "encoding/hex" + "strings" + "time" + + "github.com/aws/aws-sdk-go/aws/credentials" +) + +type credentialValueProvider interface { + Get() (credentials.Value, error) +} + +// StreamSigner implements signing of event stream encoded payloads +type StreamSigner struct { + region string + service string + + credentials credentialValueProvider + + prevSig []byte +} + +// NewStreamSigner creates a SigV4 signer used to sign Event Stream encoded messages +func NewStreamSigner(region, service string, seedSignature []byte, credentials *credentials.Credentials) *StreamSigner { + return &StreamSigner{ + region: region, + service: service, + credentials: credentials, + prevSig: seedSignature, + } +} + +// GetSignature takes an event stream encoded headers and payload and returns a signature +func (s *StreamSigner) GetSignature(headers, payload []byte, date time.Time) ([]byte, error) { + credValue, err := s.credentials.Get() + if err != nil { + return nil, err + } + + sigKey := deriveSigningKey(s.region, s.service, credValue.SecretAccessKey, date) + + keyPath := buildSigningScope(s.region, s.service, date) + + stringToSign := buildEventStreamStringToSign(headers, payload, s.prevSig, keyPath, date) + + signature := hmacSHA256(sigKey, []byte(stringToSign)) + s.prevSig = signature + + return signature, nil +} + +func buildEventStreamStringToSign(headers, payload, prevSig []byte, scope string, date time.Time) string { + return strings.Join([]string{ + "AWS4-HMAC-SHA256-PAYLOAD", + formatTime(date), + scope, + hex.EncodeToString(prevSig), + hex.EncodeToString(hashSHA256(headers)), + hex.EncodeToString(hashSHA256(payload)), + }, "\n") +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go index 8104793..b97334c 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go @@ -76,9 +76,14 @@ import ( ) const ( + authorizationHeader = "Authorization" + authHeaderSignatureElem = "Signature=" + signatureQueryKey = "X-Amz-Signature" + authHeaderPrefix = "AWS4-HMAC-SHA256" timeFormat = "20060102T150405Z" shortTimeFormat = "20060102" + awsV4Request = "aws4_request" // emptyStringSHA256 is a SHA256 of an empty string emptyStringSHA256 = `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` @@ -87,9 +92,9 @@ const ( var ignoredHeaders = rules{ blacklist{ mapRule{ - "Authorization": struct{}{}, - "User-Agent": struct{}{}, - "X-Amzn-Trace-Id": struct{}{}, + authorizationHeader: struct{}{}, + "User-Agent": struct{}{}, + "X-Amzn-Trace-Id": struct{}{}, }, }, } @@ -229,11 +234,9 @@ type signingCtx struct { DisableURIPathEscaping bool - credValues credentials.Value - isPresign bool - formattedTime string - formattedShortTime string - unsignedPayload bool + credValues credentials.Value + isPresign bool + unsignedPayload bool bodyDigest string signedHeaders string @@ -532,39 +535,56 @@ func (ctx *signingCtx) build(disableHeaderHoisting bool) error { ctx.buildSignature() // depends on string to sign if ctx.isPresign { - ctx.Request.URL.RawQuery += "&X-Amz-Signature=" + ctx.signature + ctx.Request.URL.RawQuery += "&" + signatureQueryKey + "=" + ctx.signature } else { parts := []string{ authHeaderPrefix + " Credential=" + ctx.credValues.AccessKeyID + "/" + ctx.credentialString, "SignedHeaders=" + ctx.signedHeaders, - "Signature=" + ctx.signature, + authHeaderSignatureElem + ctx.signature, } - ctx.Request.Header.Set("Authorization", strings.Join(parts, ", ")) + ctx.Request.Header.Set(authorizationHeader, strings.Join(parts, ", ")) } return nil } -func (ctx *signingCtx) buildTime() { - ctx.formattedTime = ctx.Time.UTC().Format(timeFormat) - ctx.formattedShortTime = ctx.Time.UTC().Format(shortTimeFormat) +// GetSignedRequestSignature attempts to extract the signature of the request. +// Returning an error if the request is unsigned, or unable to extract the +// signature. +func GetSignedRequestSignature(r *http.Request) ([]byte, error) { + + if auth := r.Header.Get(authorizationHeader); len(auth) != 0 { + ps := strings.Split(auth, ", ") + for _, p := range ps { + if idx := strings.Index(p, authHeaderSignatureElem); idx >= 0 { + sig := p[len(authHeaderSignatureElem):] + if len(sig) == 0 { + return nil, fmt.Errorf("invalid request signature authorization header") + } + return hex.DecodeString(sig) + } + } + } + + if sig := r.URL.Query().Get("X-Amz-Signature"); len(sig) != 0 { + return hex.DecodeString(sig) + } + + return nil, fmt.Errorf("request not signed") +} +func (ctx *signingCtx) buildTime() { if ctx.isPresign { duration := int64(ctx.ExpireTime / time.Second) - ctx.Query.Set("X-Amz-Date", ctx.formattedTime) + ctx.Query.Set("X-Amz-Date", formatTime(ctx.Time)) ctx.Query.Set("X-Amz-Expires", strconv.FormatInt(duration, 10)) } else { - ctx.Request.Header.Set("X-Amz-Date", ctx.formattedTime) + ctx.Request.Header.Set("X-Amz-Date", formatTime(ctx.Time)) } } func (ctx *signingCtx) buildCredentialString() { - ctx.credentialString = strings.Join([]string{ - ctx.formattedShortTime, - ctx.Region, - ctx.ServiceName, - "aws4_request", - }, "/") + ctx.credentialString = buildSigningScope(ctx.Region, ctx.ServiceName, ctx.Time) if ctx.isPresign { ctx.Query.Set("X-Amz-Credential", ctx.credValues.AccessKeyID+"/"+ctx.credentialString) @@ -588,8 +608,7 @@ func (ctx *signingCtx) buildCanonicalHeaders(r rule, header http.Header) { var headers []string headers = append(headers, "host") for k, v := range header { - canonicalKey := http.CanonicalHeaderKey(k) - if !r.IsValid(canonicalKey) { + if !r.IsValid(k) { continue // ignored header } if ctx.SignedHeaderVals == nil { @@ -653,19 +672,15 @@ func (ctx *signingCtx) buildCanonicalString() { func (ctx *signingCtx) buildStringToSign() { ctx.stringToSign = strings.Join([]string{ authHeaderPrefix, - ctx.formattedTime, + formatTime(ctx.Time), ctx.credentialString, - hex.EncodeToString(makeSha256([]byte(ctx.canonicalString))), + hex.EncodeToString(hashSHA256([]byte(ctx.canonicalString))), }, "\n") } func (ctx *signingCtx) buildSignature() { - secret := ctx.credValues.SecretAccessKey - date := makeHmac([]byte("AWS4"+secret), []byte(ctx.formattedShortTime)) - region := makeHmac(date, []byte(ctx.Region)) - service := makeHmac(region, []byte(ctx.ServiceName)) - credentials := makeHmac(service, []byte("aws4_request")) - signature := makeHmac(credentials, []byte(ctx.stringToSign)) + creds := deriveSigningKey(ctx.Region, ctx.ServiceName, ctx.credValues.SecretAccessKey, ctx.Time) + signature := hmacSHA256(creds, []byte(ctx.stringToSign)) ctx.signature = hex.EncodeToString(signature) } @@ -726,13 +741,13 @@ func (ctx *signingCtx) removePresign() { ctx.Query.Del("X-Amz-SignedHeaders") } -func makeHmac(key []byte, data []byte) []byte { +func hmacSHA256(key []byte, data []byte) []byte { hash := hmac.New(sha256.New, key) hash.Write(data) return hash.Sum(nil) } -func makeSha256(data []byte) []byte { +func hashSHA256(data []byte) []byte { hash := sha256.New() hash.Write(data) return hash.Sum(nil) @@ -804,3 +819,28 @@ func stripExcessSpaces(vals []string) { vals[i] = string(buf[:m]) } } + +func buildSigningScope(region, service string, dt time.Time) string { + return strings.Join([]string{ + formatShortTime(dt), + region, + service, + awsV4Request, + }, "/") +} + +func deriveSigningKey(region, service, secretKey string, dt time.Time) []byte { + kDate := hmacSHA256([]byte("AWS4"+secretKey), []byte(formatShortTime(dt))) + kRegion := hmacSHA256(kDate, []byte(region)) + kService := hmacSHA256(kRegion, []byte(service)) + signingKey := hmacSHA256(kService, []byte(awsV4Request)) + return signingKey +} + +func formatShortTime(dt time.Time) string { + return dt.UTC().Format(shortTimeFormat) +} + +func formatTime(dt time.Time) string { + return dt.UTC().Format(timeFormat) +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/types.go b/vendor/github.com/aws/aws-sdk-go/aws/types.go index 4550915..d542ef0 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/types.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/types.go @@ -2,6 +2,7 @@ package aws import ( "io" + "strings" "sync" "github.com/aws/aws-sdk-go/internal/sdkio" @@ -205,3 +206,36 @@ func (b *WriteAtBuffer) Bytes() []byte { defer b.m.Unlock() return b.buf } + +// MultiCloser is a utility to close multiple io.Closers within a single +// statement. +type MultiCloser []io.Closer + +// Close closes all of the io.Closers making up the MultiClosers. Any +// errors that occur while closing will be returned in the order they +// occur. +func (m MultiCloser) Close() error { + var errs errors + for _, c := range m { + err := c.Close() + if err != nil { + errs = append(errs, err) + } + } + if len(errs) != 0 { + return errs + } + + return nil +} + +type errors []error + +func (es errors) Error() string { + var parts []string + for _, e := range es { + parts = append(parts, e.Error()) + } + + return strings.Join(parts, "\n") +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go index 198836f..2f7db59 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.25.9" +const SDKVersion = "1.29.2" diff --git a/vendor/github.com/aws/aws-sdk-go/internal/strings/strings.go b/vendor/github.com/aws/aws-sdk-go/internal/strings/strings.go new file mode 100644 index 0000000..d008ae2 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/strings/strings.go @@ -0,0 +1,11 @@ +package strings + +import ( + "strings" +) + +// HasPrefixFold tests whether the string s begins with prefix, interpreted as UTF-8 strings, +// under Unicode case-folding. +func HasPrefixFold(s, prefix string) bool { + return len(s) >= len(prefix) && strings.EqualFold(s[0:len(prefix)], prefix) +} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE new file mode 100644 index 0000000..6a66aea --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE @@ -0,0 +1,27 @@ +Copyright (c) 2009 The Go Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go new file mode 100644 index 0000000..14ad0c5 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go @@ -0,0 +1,120 @@ +// Copyright 2013 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package singleflight provides a duplicate function call suppression +// mechanism. +package singleflight + +import "sync" + +// call is an in-flight or completed singleflight.Do call +type call struct { + wg sync.WaitGroup + + // These fields are written once before the WaitGroup is done + // and are only read after the WaitGroup is done. + val interface{} + err error + + // forgotten indicates whether Forget was called with this call's key + // while the call was still in flight. + forgotten bool + + // These fields are read and written with the singleflight + // mutex held before the WaitGroup is done, and are read but + // not written after the WaitGroup is done. + dups int + chans []chan<- Result +} + +// Group represents a class of work and forms a namespace in +// which units of work can be executed with duplicate suppression. +type Group struct { + mu sync.Mutex // protects m + m map[string]*call // lazily initialized +} + +// Result holds the results of Do, so they can be passed +// on a channel. +type Result struct { + Val interface{} + Err error + Shared bool +} + +// Do executes and returns the results of the given function, making +// sure that only one execution is in-flight for a given key at a +// time. If a duplicate comes in, the duplicate caller waits for the +// original to complete and receives the same results. +// The return value shared indicates whether v was given to multiple callers. +func (g *Group) Do(key string, fn func() (interface{}, error)) (v interface{}, err error, shared bool) { + g.mu.Lock() + if g.m == nil { + g.m = make(map[string]*call) + } + if c, ok := g.m[key]; ok { + c.dups++ + g.mu.Unlock() + c.wg.Wait() + return c.val, c.err, true + } + c := new(call) + c.wg.Add(1) + g.m[key] = c + g.mu.Unlock() + + g.doCall(c, key, fn) + return c.val, c.err, c.dups > 0 +} + +// DoChan is like Do but returns a channel that will receive the +// results when they are ready. +func (g *Group) DoChan(key string, fn func() (interface{}, error)) <-chan Result { + ch := make(chan Result, 1) + g.mu.Lock() + if g.m == nil { + g.m = make(map[string]*call) + } + if c, ok := g.m[key]; ok { + c.dups++ + c.chans = append(c.chans, ch) + g.mu.Unlock() + return ch + } + c := &call{chans: []chan<- Result{ch}} + c.wg.Add(1) + g.m[key] = c + g.mu.Unlock() + + go g.doCall(c, key, fn) + + return ch +} + +// doCall handles the single call for a key. +func (g *Group) doCall(c *call, key string, fn func() (interface{}, error)) { + c.val, c.err = fn() + c.wg.Done() + + g.mu.Lock() + if !c.forgotten { + delete(g.m, key) + } + for _, ch := range c.chans { + ch <- Result{c.val, c.err, c.dups > 0} + } + g.mu.Unlock() +} + +// Forget tells the singleflight to forget about a key. Future calls +// to Do for this key will call the function rather than waiting for +// an earlier call to complete. +func (g *Group) Forget(key string) { + g.mu.Lock() + if c, ok := g.m[key]; ok { + c.forgotten = true + } + delete(g.m, key) + g.mu.Unlock() +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go index ea0da79..5e94996 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go @@ -7,6 +7,7 @@ import ( "fmt" "io" "reflect" + "strings" "time" "github.com/aws/aws-sdk-go/aws" @@ -45,10 +46,31 @@ func UnmarshalJSON(v interface{}, stream io.Reader) error { return err } - return unmarshalAny(reflect.ValueOf(v), out, "") + return unmarshaler{}.unmarshalAny(reflect.ValueOf(v), out, "") } -func unmarshalAny(value reflect.Value, data interface{}, tag reflect.StructTag) error { +// UnmarshalJSONCaseInsensitive reads a stream and unmarshals the result into the +// object v. Ignores casing for structure members. +func UnmarshalJSONCaseInsensitive(v interface{}, stream io.Reader) error { + var out interface{} + + err := json.NewDecoder(stream).Decode(&out) + if err == io.EOF { + return nil + } else if err != nil { + return err + } + + return unmarshaler{ + caseInsensitive: true, + }.unmarshalAny(reflect.ValueOf(v), out, "") +} + +type unmarshaler struct { + caseInsensitive bool +} + +func (u unmarshaler) unmarshalAny(value reflect.Value, data interface{}, tag reflect.StructTag) error { vtype := value.Type() if vtype.Kind() == reflect.Ptr { vtype = vtype.Elem() // check kind of actual element type @@ -80,17 +102,17 @@ func unmarshalAny(value reflect.Value, data interface{}, tag reflect.StructTag) if field, ok := vtype.FieldByName("_"); ok { tag = field.Tag } - return unmarshalStruct(value, data, tag) + return u.unmarshalStruct(value, data, tag) case "list": - return unmarshalList(value, data, tag) + return u.unmarshalList(value, data, tag) case "map": - return unmarshalMap(value, data, tag) + return u.unmarshalMap(value, data, tag) default: - return unmarshalScalar(value, data, tag) + return u.unmarshalScalar(value, data, tag) } } -func unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTag) error { +func (u unmarshaler) unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTag) error { if data == nil { return nil } @@ -114,7 +136,7 @@ func unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTa // unwrap any payloads if payload := tag.Get("payload"); payload != "" { field, _ := t.FieldByName(payload) - return unmarshalAny(value.FieldByName(payload), data, field.Tag) + return u.unmarshalAny(value.FieldByName(payload), data, field.Tag) } for i := 0; i < t.NumField(); i++ { @@ -128,9 +150,19 @@ func unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTa if locName := field.Tag.Get("locationName"); locName != "" { name = locName } + if u.caseInsensitive { + if _, ok := mapData[name]; !ok { + // Fallback to uncased name search if the exact name didn't match. + for kn, v := range mapData { + if strings.EqualFold(kn, name) { + mapData[name] = v + } + } + } + } member := value.FieldByIndex(field.Index) - err := unmarshalAny(member, mapData[name], field.Tag) + err := u.unmarshalAny(member, mapData[name], field.Tag) if err != nil { return err } @@ -138,7 +170,7 @@ func unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTa return nil } -func unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag) error { +func (u unmarshaler) unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag) error { if data == nil { return nil } @@ -153,7 +185,7 @@ func unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag) } for i, c := range listData { - err := unmarshalAny(value.Index(i), c, "") + err := u.unmarshalAny(value.Index(i), c, "") if err != nil { return err } @@ -162,7 +194,7 @@ func unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag) return nil } -func unmarshalMap(value reflect.Value, data interface{}, tag reflect.StructTag) error { +func (u unmarshaler) unmarshalMap(value reflect.Value, data interface{}, tag reflect.StructTag) error { if data == nil { return nil } @@ -179,14 +211,14 @@ func unmarshalMap(value reflect.Value, data interface{}, tag reflect.StructTag) kvalue := reflect.ValueOf(k) vvalue := reflect.New(value.Type().Elem()).Elem() - unmarshalAny(vvalue, v, "") + u.unmarshalAny(vvalue, v, "") value.SetMapIndex(kvalue, vvalue) } return nil } -func unmarshalScalar(value reflect.Value, data interface{}, tag reflect.StructTag) error { +func (u unmarshaler) unmarshalScalar(value reflect.Value, data interface{}, tag reflect.StructTag) error { switch d := data.(type) { case nil: diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go index e21614a..0ea0647 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go @@ -64,7 +64,7 @@ func (h HandlerPayloadMarshal) MarshalPayload(w io.Writer, v interface{}) error metadata.ClientInfo{}, request.Handlers{}, nil, - &request.Operation{HTTPMethod: "GET"}, + &request.Operation{HTTPMethod: "PUT"}, v, nil, ) diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/protocol.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/protocol.go new file mode 100644 index 0000000..9d521dc --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/protocol.go @@ -0,0 +1,49 @@ +package protocol + +import ( + "fmt" + "strings" + + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/request" +) + +// RequireHTTPMinProtocol request handler is used to enforce that +// the target endpoint supports the given major and minor HTTP protocol version. +type RequireHTTPMinProtocol struct { + Major, Minor int +} + +// Handler will mark the request.Request with an error if the +// target endpoint did not connect with the required HTTP protocol +// major and minor version. +func (p RequireHTTPMinProtocol) Handler(r *request.Request) { + if r.Error != nil || r.HTTPResponse == nil { + return + } + + if !strings.HasPrefix(r.HTTPResponse.Proto, "HTTP") { + r.Error = newMinHTTPProtoError(p.Major, p.Minor, r) + } + + if r.HTTPResponse.ProtoMajor < p.Major || r.HTTPResponse.ProtoMinor < p.Minor { + r.Error = newMinHTTPProtoError(p.Major, p.Minor, r) + } +} + +// ErrCodeMinimumHTTPProtocolError error code is returned when the target endpoint +// did not match the required HTTP major and minor protocol version. +const ErrCodeMinimumHTTPProtocolError = "MinimumHTTPProtocolError" + +func newMinHTTPProtoError(major, minor int, r *request.Request) error { + return awserr.NewRequestFailure( + awserr.New("MinimumHTTPProtocolError", + fmt.Sprintf( + "operation requires minimum HTTP protocol of HTTP/%d.%d, but was %s", + major, minor, r.HTTPResponse.Proto, + ), + nil, + ), + r.HTTPResponse.StatusCode, r.RequestID, + ) +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go index 0cb99eb..d40346a 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go @@ -1,7 +1,7 @@ // Package query provides serialization of AWS query requests, and responses. package query -//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/input/query.json build_test.go +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/query.json build_test.go import ( "net/url" diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go index f69c1ef..9231e95 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go @@ -1,6 +1,6 @@ package query -//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/output/query.json unmarshal_test.go +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/query.json unmarshal_test.go import ( "encoding/xml" diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go index 74e361e..92f8b4d 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go @@ -15,6 +15,7 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/request" + awsStrings "github.com/aws/aws-sdk-go/internal/strings" "github.com/aws/aws-sdk-go/private/protocol" ) @@ -28,7 +29,9 @@ var UnmarshalMetaHandler = request.NamedHandler{Name: "awssdk.rest.UnmarshalMeta func Unmarshal(r *request.Request) { if r.DataFilled() { v := reflect.Indirect(reflect.ValueOf(r.Data)) - unmarshalBody(r, v) + if err := unmarshalBody(r, v); err != nil { + r.Error = err + } } } @@ -40,12 +43,21 @@ func UnmarshalMeta(r *request.Request) { r.RequestID = r.HTTPResponse.Header.Get("X-Amz-Request-Id") } if r.DataFilled() { - v := reflect.Indirect(reflect.ValueOf(r.Data)) - unmarshalLocationElements(r, v) + if err := UnmarshalResponse(r.HTTPResponse, r.Data, aws.BoolValue(r.Config.LowerCaseHeaderMaps)); err != nil { + r.Error = err + } } } -func unmarshalBody(r *request.Request, v reflect.Value) { +// UnmarshalResponse attempts to unmarshal the REST response headers to +// the data type passed in. The type must be a pointer. An error is returned +// with any error unmarshaling the response into the target datatype. +func UnmarshalResponse(resp *http.Response, data interface{}, lowerCaseHeaderMaps bool) error { + v := reflect.Indirect(reflect.ValueOf(data)) + return unmarshalLocationElements(resp, v, lowerCaseHeaderMaps) +} + +func unmarshalBody(r *request.Request, v reflect.Value) error { if field, ok := v.Type().FieldByName("_"); ok { if payloadName := field.Tag.Get("payload"); payloadName != "" { pfield, _ := v.Type().FieldByName(payloadName) @@ -57,35 +69,38 @@ func unmarshalBody(r *request.Request, v reflect.Value) { defer r.HTTPResponse.Body.Close() b, err := ioutil.ReadAll(r.HTTPResponse.Body) if err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) - } else { - payload.Set(reflect.ValueOf(b)) + return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) } + + payload.Set(reflect.ValueOf(b)) + case *string: defer r.HTTPResponse.Body.Close() b, err := ioutil.ReadAll(r.HTTPResponse.Body) if err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) - } else { - str := string(b) - payload.Set(reflect.ValueOf(&str)) + return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) } + + str := string(b) + payload.Set(reflect.ValueOf(&str)) + default: switch payload.Type().String() { case "io.ReadCloser": payload.Set(reflect.ValueOf(r.HTTPResponse.Body)) + case "io.ReadSeeker": b, err := ioutil.ReadAll(r.HTTPResponse.Body) if err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, + return awserr.New(request.ErrCodeSerialization, "failed to read response body", err) - return } payload.Set(reflect.ValueOf(ioutil.NopCloser(bytes.NewReader(b)))) + default: io.Copy(ioutil.Discard, r.HTTPResponse.Body) - defer r.HTTPResponse.Body.Close() - r.Error = awserr.New(request.ErrCodeSerialization, + r.HTTPResponse.Body.Close() + return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", fmt.Errorf("unknown payload type %s", payload.Type())) } @@ -94,9 +109,11 @@ func unmarshalBody(r *request.Request, v reflect.Value) { } } } + + return nil } -func unmarshalLocationElements(r *request.Request, v reflect.Value) { +func unmarshalLocationElements(resp *http.Response, v reflect.Value, lowerCaseHeaderMaps bool) error { for i := 0; i < v.NumField(); i++ { m, field := v.Field(i), v.Type().Field(i) if n := field.Name; n[0:1] == strings.ToLower(n[0:1]) { @@ -111,26 +128,25 @@ func unmarshalLocationElements(r *request.Request, v reflect.Value) { switch field.Tag.Get("location") { case "statusCode": - unmarshalStatusCode(m, r.HTTPResponse.StatusCode) + unmarshalStatusCode(m, resp.StatusCode) + case "header": - err := unmarshalHeader(m, r.HTTPResponse.Header.Get(name), field.Tag) + err := unmarshalHeader(m, resp.Header.Get(name), field.Tag) if err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) - break + return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) } + case "headers": prefix := field.Tag.Get("locationName") - err := unmarshalHeaderMap(m, r.HTTPResponse.Header, prefix) + err := unmarshalHeaderMap(m, resp.Header, prefix, lowerCaseHeaderMaps) if err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) - break + awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) } } } - if r.Error != nil { - return - } } + + return nil } func unmarshalStatusCode(v reflect.Value, statusCode int) { @@ -145,7 +161,7 @@ func unmarshalStatusCode(v reflect.Value, statusCode int) { } } -func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string) error { +func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string, normalize bool) error { if len(headers) == 0 { return nil } @@ -153,8 +169,12 @@ func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string) err case map[string]*string: // we only support string map value types out := map[string]*string{} for k, v := range headers { - k = http.CanonicalHeaderKey(k) - if strings.HasPrefix(strings.ToLower(k), strings.ToLower(prefix)) { + if awsStrings.HasPrefixFold(k, prefix) { + if normalize == true { + k = strings.ToLower(k) + } else { + k = http.CanonicalHeaderKey(k) + } out[k[len(prefix):]] = &v[0] } } diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go index da1a681..f614ef8 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go @@ -19,3 +19,9 @@ func UnmarshalDiscardBody(r *request.Request) { io.Copy(ioutil.Discard, r.HTTPResponse.Body) r.HTTPResponse.Body.Close() } + +// ResponseMetadata provides the SDK response metadata attributes. +type ResponseMetadata struct { + StatusCode int + RequestID string +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go new file mode 100644 index 0000000..cc857f1 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go @@ -0,0 +1,65 @@ +package protocol + +import ( + "net/http" + + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/request" +) + +// UnmarshalErrorHandler provides unmarshaling errors API response errors for +// both typed and untyped errors. +type UnmarshalErrorHandler struct { + unmarshaler ErrorUnmarshaler +} + +// ErrorUnmarshaler is an abstract interface for concrete implementations to +// unmarshal protocol specific response errors. +type ErrorUnmarshaler interface { + UnmarshalError(*http.Response, ResponseMetadata) (error, error) +} + +// NewUnmarshalErrorHandler returns an UnmarshalErrorHandler +// initialized for the set of exception names to the error unmarshalers +func NewUnmarshalErrorHandler(unmarshaler ErrorUnmarshaler) *UnmarshalErrorHandler { + return &UnmarshalErrorHandler{ + unmarshaler: unmarshaler, + } +} + +// UnmarshalErrorHandlerName is the name of the named handler. +const UnmarshalErrorHandlerName = "awssdk.protocol.UnmarshalError" + +// NamedHandler returns a NamedHandler for the unmarshaler using the set of +// errors the unmarshaler was initialized for. +func (u *UnmarshalErrorHandler) NamedHandler() request.NamedHandler { + return request.NamedHandler{ + Name: UnmarshalErrorHandlerName, + Fn: u.UnmarshalError, + } +} + +// UnmarshalError will attempt to unmarshal the API response's error message +// into either a generic SDK error type, or a typed error corresponding to the +// errors exception name. +func (u *UnmarshalErrorHandler) UnmarshalError(r *request.Request) { + defer r.HTTPResponse.Body.Close() + + respMeta := ResponseMetadata{ + StatusCode: r.HTTPResponse.StatusCode, + RequestID: r.RequestID, + } + + v, err := u.unmarshaler.UnmarshalError(r.HTTPResponse, respMeta) + if err != nil { + r.Error = awserr.NewRequestFailure( + awserr.New(request.ErrCodeSerialization, + "failed to unmarshal response error", err), + respMeta.StatusCode, + respMeta.RequestID, + ) + return + } + + r.Error = v +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/rds/api.go b/vendor/github.com/aws/aws-sdk-go/service/rds/api.go index bbba1da..98bff4a 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/rds/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/rds/api.go @@ -534,8 +534,8 @@ func (c *RDS) AuthorizeDBSecurityGroupIngressRequest(input *AuthorizeDBSecurityG // The state of the DB security group doesn't allow deletion. // // * ErrCodeAuthorizationAlreadyExistsFault "AuthorizationAlreadyExists" -// The specified CIDRIP or Amazon EC2 security group is already authorized for -// the specified DB security group. +// The specified CIDR IP range or Amazon EC2 security group is already authorized +// for the specified DB security group. // // * ErrCodeAuthorizationQuotaExceededFault "AuthorizationQuotaExceeded" // The DB security group authorization quota has been reached. @@ -650,6 +650,89 @@ func (c *RDS) BacktrackDBClusterWithContext(ctx aws.Context, input *BacktrackDBC return out, req.Send() } +const opCancelExportTask = "CancelExportTask" + +// CancelExportTaskRequest generates a "aws/request.Request" representing the +// client's request for the CancelExportTask operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CancelExportTask for more information on using the CancelExportTask +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CancelExportTaskRequest method. +// req, resp := client.CancelExportTaskRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CancelExportTask +func (c *RDS) CancelExportTaskRequest(input *CancelExportTaskInput) (req *request.Request, output *CancelExportTaskOutput) { + op := &request.Operation{ + Name: opCancelExportTask, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CancelExportTaskInput{} + } + + output = &CancelExportTaskOutput{} + req = c.newRequest(op, input, output) + return +} + +// CancelExportTask API operation for Amazon Relational Database Service. +// +// Cancels an export task in progress that is exporting a snapshot to Amazon +// S3. Any data that has already been written to the S3 bucket isn't removed. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation CancelExportTask for usage and error information. +// +// Returned Error Codes: +// * ErrCodeExportTaskNotFoundFault "ExportTaskNotFound" +// The export task doesn't exist. +// +// * ErrCodeInvalidExportTaskStateFault "InvalidExportTaskStateFault" +// You can't cancel an export task that has completed. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CancelExportTask +func (c *RDS) CancelExportTask(input *CancelExportTaskInput) (*CancelExportTaskOutput, error) { + req, out := c.CancelExportTaskRequest(input) + return out, req.Send() +} + +// CancelExportTaskWithContext is the same as CancelExportTask with the addition of +// the ability to pass a context and additional request options. +// +// See CancelExportTask for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) CancelExportTaskWithContext(ctx aws.Context, input *CancelExportTaskInput, opts ...request.Option) (*CancelExportTaskOutput, error) { + req, out := c.CancelExportTaskRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCopyDBClusterParameterGroup = "CopyDBClusterParameterGroup" // CopyDBClusterParameterGroupRequest generates a "aws/request.Request" representing the @@ -808,7 +891,7 @@ func (c *RDS) CopyDBClusterSnapshotRequest(input *CopyDBClusterSnapshotInput) (r // Region. This is the same identifier for both the CopyDBClusterSnapshot // action that is called in the destination AWS Region, and the action contained // in the pre-signed URL. DestinationRegion - The name of the AWS Region -// that the DB cluster snapshot will be created in. SourceDBClusterSnapshotIdentifier +// that the DB cluster snapshot is to be created in. SourceDBClusterSnapshotIdentifier // - The DB cluster snapshot identifier for the encrypted DB cluster snapshot // to be copied. This identifier must be in the Amazon Resource Name (ARN) // format for the source AWS Region. For example, if you are copying an encrypted @@ -817,6 +900,11 @@ func (c *RDS) CopyDBClusterSnapshotRequest(input *CopyDBClusterSnapshotInput) (r // To learn how to generate a Signature Version 4 signed request, see Authenticating // Requests: Using Query Parameters (AWS Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html) // and Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). +// If you are using an AWS SDK tool or the AWS CLI, you can specify SourceRegion +// (or --source-region for the AWS CLI) instead of specifying PreSignedUrl +// manually. Specifying SourceRegion autogenerates a pre-signed URL that +// is a valid request for the operation that can be executed in the source +// AWS Region. // // * TargetDBClusterSnapshotIdentifier - The identifier for the new copy // of the DB cluster snapshot in the destination AWS Region. @@ -1024,7 +1112,7 @@ func (c *RDS) CopyDBSnapshotRequest(input *CopyDBSnapshotInput) (req *request.Re // AWS Region where you call the CopyDBSnapshot action is the destination AWS // Region for the DB snapshot copy. // -// For more information about copying snapshots, see Copying a DB Snapshot (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CopyDBSnapshot.html) +// For more information about copying snapshots, see Copying a DB Snapshot (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CopySnapshot.html#USER_CopyDBSnapshot) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1157,6 +1245,98 @@ func (c *RDS) CopyOptionGroupWithContext(ctx aws.Context, input *CopyOptionGroup return out, req.Send() } +const opCreateCustomAvailabilityZone = "CreateCustomAvailabilityZone" + +// CreateCustomAvailabilityZoneRequest generates a "aws/request.Request" representing the +// client's request for the CreateCustomAvailabilityZone operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateCustomAvailabilityZone for more information on using the CreateCustomAvailabilityZone +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateCustomAvailabilityZoneRequest method. +// req, resp := client.CreateCustomAvailabilityZoneRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CreateCustomAvailabilityZone +func (c *RDS) CreateCustomAvailabilityZoneRequest(input *CreateCustomAvailabilityZoneInput) (req *request.Request, output *CreateCustomAvailabilityZoneOutput) { + op := &request.Operation{ + Name: opCreateCustomAvailabilityZone, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateCustomAvailabilityZoneInput{} + } + + output = &CreateCustomAvailabilityZoneOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateCustomAvailabilityZone API operation for Amazon Relational Database Service. +// +// Creates a custom Availability Zone (AZ). +// +// A custom AZ is an on-premises AZ that is integrated with a VMware vSphere +// cluster. +// +// For more information about RDS on VMware, see the RDS on VMware User Guide. +// (https://docs.aws.amazon.com/AmazonRDS/latest/RDSonVMwareUserGuide/rds-on-vmware.html) +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation CreateCustomAvailabilityZone for usage and error information. +// +// Returned Error Codes: +// * ErrCodeCustomAvailabilityZoneAlreadyExistsFault "CustomAvailabilityZoneAlreadyExists" +// CustomAvailabilityZoneName is already used by an existing custom Availability +// Zone. +// +// * ErrCodeCustomAvailabilityZoneQuotaExceededFault "CustomAvailabilityZoneQuotaExceeded" +// You have exceeded the maximum number of custom Availability Zones. +// +// * ErrCodeKMSKeyNotAccessibleFault "KMSKeyNotAccessibleFault" +// An error occurred accessing an AWS KMS key. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CreateCustomAvailabilityZone +func (c *RDS) CreateCustomAvailabilityZone(input *CreateCustomAvailabilityZoneInput) (*CreateCustomAvailabilityZoneOutput, error) { + req, out := c.CreateCustomAvailabilityZoneRequest(input) + return out, req.Send() +} + +// CreateCustomAvailabilityZoneWithContext is the same as CreateCustomAvailabilityZone with the addition of +// the ability to pass a context and additional request options. +// +// See CreateCustomAvailabilityZone for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) CreateCustomAvailabilityZoneWithContext(ctx aws.Context, input *CreateCustomAvailabilityZoneInput, opts ...request.Option) (*CreateCustomAvailabilityZoneOutput, error) { + req, out := c.CreateCustomAvailabilityZoneRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateDBCluster = "CreateDBCluster" // CreateDBClusterRequest generates a "aws/request.Request" representing the @@ -1712,11 +1892,11 @@ func (c *RDS) CreateDBInstanceRequest(input *CreateDBInstanceInput) (req *reques // Storage of the StorageType specified can't be associated with the DB instance. // // * ErrCodeAuthorizationNotFoundFault "AuthorizationNotFound" -// The specified CIDRIP or Amazon EC2 security group isn't authorized for the -// specified DB security group. +// The specified CIDR IP range or Amazon EC2 security group might not be authorized +// for the specified DB security group. // -// RDS also may not be authorized by using IAM to perform necessary actions -// on your behalf. +// Or, RDS might not be authorized to perform necessary actions using IAM on +// your behalf. // // * ErrCodeKMSKeyNotAccessibleFault "KMSKeyNotAccessibleFault" // An error occurred accessing an AWS KMS key. @@ -2004,6 +2184,98 @@ func (c *RDS) CreateDBParameterGroupWithContext(ctx aws.Context, input *CreateDB return out, req.Send() } +const opCreateDBProxy = "CreateDBProxy" + +// CreateDBProxyRequest generates a "aws/request.Request" representing the +// client's request for the CreateDBProxy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateDBProxy for more information on using the CreateDBProxy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateDBProxyRequest method. +// req, resp := client.CreateDBProxyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CreateDBProxy +func (c *RDS) CreateDBProxyRequest(input *CreateDBProxyInput) (req *request.Request, output *CreateDBProxyOutput) { + op := &request.Operation{ + Name: opCreateDBProxy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateDBProxyInput{} + } + + output = &CreateDBProxyOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateDBProxy API operation for Amazon Relational Database Service. +// +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Creates a new DB proxy. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation CreateDBProxy for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInvalidSubnet "InvalidSubnet" +// The requested subnet is invalid, or multiple subnets were requested that +// are not all in a common VPC. +// +// * ErrCodeDBProxyAlreadyExistsFault "DBProxyAlreadyExistsFault" +// The specified proxy name must be unique for all proxies owned by your AWS +// account in the specified AWS Region. +// +// * ErrCodeDBProxyQuotaExceededFault "DBProxyQuotaExceededFault" +// Your AWS account already has the maximum number of proxies in the specified +// AWS Region. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CreateDBProxy +func (c *RDS) CreateDBProxy(input *CreateDBProxyInput) (*CreateDBProxyOutput, error) { + req, out := c.CreateDBProxyRequest(input) + return out, req.Send() +} + +// CreateDBProxyWithContext is the same as CreateDBProxy with the addition of +// the ability to pass a context and additional request options. +// +// See CreateDBProxy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) CreateDBProxyWithContext(ctx aws.Context, input *CreateDBProxyInput, opts ...request.Option) (*CreateDBProxyOutput, error) { + req, out := c.CreateDBProxyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateDBSecurityGroup = "CreateDBSecurityGroup" // CreateDBSecurityGroupRequest generates a "aws/request.Request" representing the @@ -2324,7 +2596,7 @@ func (c *RDS) CreateEventSubscriptionRequest(input *CreateEventSubscriptionInput // CreateEventSubscription API operation for Amazon Relational Database Service. // // Creates an RDS event notification subscription. This action requires a topic -// ARN (Amazon Resource Name) created by either the RDS console, the SNS console, +// Amazon Resource Name (ARN) created by either the RDS console, the SNS console, // or the SNS API. To obtain an ARN with SNS, you must create a topic in Amazon // SNS and subscribe to the topic. The ARN is displayed in the SNS console. // @@ -2338,10 +2610,13 @@ func (c *RDS) CreateEventSubscriptionRequest(input *CreateEventSubscriptionInput // and SourceIdentifier = myDBInstance1, you are notified of all the db-instance // events for the specified source. If you specify a SourceType but do not specify // a SourceIdentifier, you receive notice of the events for that source type -// for all your RDS sources. If you do not specify either the SourceType nor -// the SourceIdentifier, you are notified of events generated from all RDS sources +// for all your RDS sources. If you don't specify either the SourceType or the +// SourceIdentifier, you are notified of events generated from all RDS sources // belonging to your customer account. // +// RDS event notification is only available for unencrypted SNS topics. If you +// specify an encrypted SNS topic, event notifications aren't sent for the topic. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -2572,6 +2847,95 @@ func (c *RDS) CreateOptionGroupWithContext(ctx aws.Context, input *CreateOptionG return out, req.Send() } +const opDeleteCustomAvailabilityZone = "DeleteCustomAvailabilityZone" + +// DeleteCustomAvailabilityZoneRequest generates a "aws/request.Request" representing the +// client's request for the DeleteCustomAvailabilityZone operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteCustomAvailabilityZone for more information on using the DeleteCustomAvailabilityZone +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteCustomAvailabilityZoneRequest method. +// req, resp := client.DeleteCustomAvailabilityZoneRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteCustomAvailabilityZone +func (c *RDS) DeleteCustomAvailabilityZoneRequest(input *DeleteCustomAvailabilityZoneInput) (req *request.Request, output *DeleteCustomAvailabilityZoneOutput) { + op := &request.Operation{ + Name: opDeleteCustomAvailabilityZone, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteCustomAvailabilityZoneInput{} + } + + output = &DeleteCustomAvailabilityZoneOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteCustomAvailabilityZone API operation for Amazon Relational Database Service. +// +// Deletes a custom Availability Zone (AZ). +// +// A custom AZ is an on-premises AZ that is integrated with a VMware vSphere +// cluster. +// +// For more information about RDS on VMware, see the RDS on VMware User Guide. +// (https://docs.aws.amazon.com/AmazonRDS/latest/RDSonVMwareUserGuide/rds-on-vmware.html) +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation DeleteCustomAvailabilityZone for usage and error information. +// +// Returned Error Codes: +// * ErrCodeCustomAvailabilityZoneNotFoundFault "CustomAvailabilityZoneNotFound" +// CustomAvailabilityZoneId doesn't refer to an existing custom Availability +// Zone identifier. +// +// * ErrCodeKMSKeyNotAccessibleFault "KMSKeyNotAccessibleFault" +// An error occurred accessing an AWS KMS key. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteCustomAvailabilityZone +func (c *RDS) DeleteCustomAvailabilityZone(input *DeleteCustomAvailabilityZoneInput) (*DeleteCustomAvailabilityZoneOutput, error) { + req, out := c.DeleteCustomAvailabilityZoneRequest(input) + return out, req.Send() +} + +// DeleteCustomAvailabilityZoneWithContext is the same as DeleteCustomAvailabilityZone with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteCustomAvailabilityZone for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DeleteCustomAvailabilityZoneWithContext(ctx aws.Context, input *DeleteCustomAvailabilityZoneInput, opts ...request.Option) (*DeleteCustomAvailabilityZoneOutput, error) { + req, out := c.DeleteCustomAvailabilityZoneRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteDBCluster = "DeleteDBCluster" // DeleteDBClusterRequest generates a "aws/request.Request" representing the @@ -2994,9 +3358,9 @@ func (c *RDS) DeleteDBInstanceRequest(input *DeleteDBInstanceInput) (req *reques // is used to monitor the status of this operation. The action can't be canceled // or reverted once submitted. // -// Note that when a DB instance is in a failure state and has a status of failed, -// incompatible-restore, or incompatible-network, you can only delete it when -// you skip creation of the final snapshot with the SkipFinalSnapshot parameter. +// When a DB instance is in a failure state and has a status of failed, incompatible-restore, +// or incompatible-network, you can only delete it when you skip creation of +// the final snapshot with the SkipFinalSnapshot parameter. // // If the specified DB instance is part of an Amazon Aurora DB cluster, you // can't delete the DB instance if both of the following conditions are true: @@ -3230,6 +3594,93 @@ func (c *RDS) DeleteDBParameterGroupWithContext(ctx aws.Context, input *DeleteDB return out, req.Send() } +const opDeleteDBProxy = "DeleteDBProxy" + +// DeleteDBProxyRequest generates a "aws/request.Request" representing the +// client's request for the DeleteDBProxy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteDBProxy for more information on using the DeleteDBProxy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteDBProxyRequest method. +// req, resp := client.DeleteDBProxyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteDBProxy +func (c *RDS) DeleteDBProxyRequest(input *DeleteDBProxyInput) (req *request.Request, output *DeleteDBProxyOutput) { + op := &request.Operation{ + Name: opDeleteDBProxy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteDBProxyInput{} + } + + output = &DeleteDBProxyOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteDBProxy API operation for Amazon Relational Database Service. +// +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Deletes an existing proxy. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation DeleteDBProxy for usage and error information. +// +// Returned Error Codes: +// * ErrCodeDBProxyNotFoundFault "DBProxyNotFoundFault" +// The specified proxy name doesn't correspond to a proxy owned by your AWS +// accoutn in the specified AWS Region. +// +// * ErrCodeInvalidDBProxyStateFault "InvalidDBProxyStateFault" +// The requested operation can't be performed while the proxy is in this state. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteDBProxy +func (c *RDS) DeleteDBProxy(input *DeleteDBProxyInput) (*DeleteDBProxyOutput, error) { + req, out := c.DeleteDBProxyRequest(input) + return out, req.Send() +} + +// DeleteDBProxyWithContext is the same as DeleteDBProxy with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteDBProxy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DeleteDBProxyWithContext(ctx aws.Context, input *DeleteDBProxyInput, opts ...request.Option) (*DeleteDBProxyOutput, error) { + req, out := c.DeleteDBProxyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteDBSecurityGroup = "DeleteDBSecurityGroup" // DeleteDBSecurityGroupRequest generates a "aws/request.Request" representing the @@ -3654,6 +4105,86 @@ func (c *RDS) DeleteGlobalClusterWithContext(ctx aws.Context, input *DeleteGloba return out, req.Send() } +const opDeleteInstallationMedia = "DeleteInstallationMedia" + +// DeleteInstallationMediaRequest generates a "aws/request.Request" representing the +// client's request for the DeleteInstallationMedia operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteInstallationMedia for more information on using the DeleteInstallationMedia +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteInstallationMediaRequest method. +// req, resp := client.DeleteInstallationMediaRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteInstallationMedia +func (c *RDS) DeleteInstallationMediaRequest(input *DeleteInstallationMediaInput) (req *request.Request, output *DeleteInstallationMediaOutput) { + op := &request.Operation{ + Name: opDeleteInstallationMedia, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteInstallationMediaInput{} + } + + output = &DeleteInstallationMediaOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteInstallationMedia API operation for Amazon Relational Database Service. +// +// Deletes the installation medium for a DB engine that requires an on-premises +// customer provided license, such as Microsoft SQL Server. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation DeleteInstallationMedia for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInstallationMediaNotFoundFault "InstallationMediaNotFound" +// InstallationMediaID doesn't refer to an existing installation medium. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteInstallationMedia +func (c *RDS) DeleteInstallationMedia(input *DeleteInstallationMediaInput) (*DeleteInstallationMediaOutput, error) { + req, out := c.DeleteInstallationMediaRequest(input) + return out, req.Send() +} + +// DeleteInstallationMediaWithContext is the same as DeleteInstallationMedia with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteInstallationMedia for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DeleteInstallationMediaWithContext(ctx aws.Context, input *DeleteInstallationMediaInput, opts ...request.Option) (*DeleteInstallationMediaOutput, error) { + req, out := c.DeleteInstallationMediaRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteOptionGroup = "DeleteOptionGroup" // DeleteOptionGroupRequest generates a "aws/request.Request" representing the @@ -3737,6 +4268,100 @@ func (c *RDS) DeleteOptionGroupWithContext(ctx aws.Context, input *DeleteOptionG return out, req.Send() } +const opDeregisterDBProxyTargets = "DeregisterDBProxyTargets" + +// DeregisterDBProxyTargetsRequest generates a "aws/request.Request" representing the +// client's request for the DeregisterDBProxyTargets operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeregisterDBProxyTargets for more information on using the DeregisterDBProxyTargets +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeregisterDBProxyTargetsRequest method. +// req, resp := client.DeregisterDBProxyTargetsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeregisterDBProxyTargets +func (c *RDS) DeregisterDBProxyTargetsRequest(input *DeregisterDBProxyTargetsInput) (req *request.Request, output *DeregisterDBProxyTargetsOutput) { + op := &request.Operation{ + Name: opDeregisterDBProxyTargets, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeregisterDBProxyTargetsInput{} + } + + output = &DeregisterDBProxyTargetsOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeregisterDBProxyTargets API operation for Amazon Relational Database Service. +// +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Remove the association between one or more DBProxyTarget data structures +// and a DBProxyTargetGroup. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation DeregisterDBProxyTargets for usage and error information. +// +// Returned Error Codes: +// * ErrCodeDBProxyTargetNotFoundFault "DBProxyTargetNotFoundFault" +// The specified RDS DB instance or Aurora DB cluster isn't available for a +// proxy owned by your AWS account in the specified AWS Region. +// +// * ErrCodeDBProxyTargetGroupNotFoundFault "DBProxyTargetGroupNotFoundFault" +// The specified target group isn't available for a proxy owned by your AWS +// account in the specified AWS Region. +// +// * ErrCodeDBProxyNotFoundFault "DBProxyNotFoundFault" +// The specified proxy name doesn't correspond to a proxy owned by your AWS +// accoutn in the specified AWS Region. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeregisterDBProxyTargets +func (c *RDS) DeregisterDBProxyTargets(input *DeregisterDBProxyTargetsInput) (*DeregisterDBProxyTargetsOutput, error) { + req, out := c.DeregisterDBProxyTargetsRequest(input) + return out, req.Send() +} + +// DeregisterDBProxyTargetsWithContext is the same as DeregisterDBProxyTargets with the addition of +// the ability to pass a context and additional request options. +// +// See DeregisterDBProxyTargets for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DeregisterDBProxyTargetsWithContext(ctx aws.Context, input *DeregisterDBProxyTargetsInput, opts ...request.Option) (*DeregisterDBProxyTargetsOutput, error) { + req, out := c.DeregisterDBProxyTargetsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeAccountAttributes = "DescribeAccountAttributes" // DescribeAccountAttributesRequest generates a "aws/request.Request" representing the @@ -3895,6 +4520,150 @@ func (c *RDS) DescribeCertificatesWithContext(ctx aws.Context, input *DescribeCe return out, req.Send() } +const opDescribeCustomAvailabilityZones = "DescribeCustomAvailabilityZones" + +// DescribeCustomAvailabilityZonesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeCustomAvailabilityZones operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeCustomAvailabilityZones for more information on using the DescribeCustomAvailabilityZones +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeCustomAvailabilityZonesRequest method. +// req, resp := client.DescribeCustomAvailabilityZonesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeCustomAvailabilityZones +func (c *RDS) DescribeCustomAvailabilityZonesRequest(input *DescribeCustomAvailabilityZonesInput) (req *request.Request, output *DescribeCustomAvailabilityZonesOutput) { + op := &request.Operation{ + Name: opDescribeCustomAvailabilityZones, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"Marker"}, + OutputTokens: []string{"Marker"}, + LimitToken: "MaxRecords", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeCustomAvailabilityZonesInput{} + } + + output = &DescribeCustomAvailabilityZonesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeCustomAvailabilityZones API operation for Amazon Relational Database Service. +// +// Returns information about custom Availability Zones (AZs). +// +// A custom AZ is an on-premises AZ that is integrated with a VMware vSphere +// cluster. +// +// For more information about RDS on VMware, see the RDS on VMware User Guide. +// (https://docs.aws.amazon.com/AmazonRDS/latest/RDSonVMwareUserGuide/rds-on-vmware.html) +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation DescribeCustomAvailabilityZones for usage and error information. +// +// Returned Error Codes: +// * ErrCodeCustomAvailabilityZoneNotFoundFault "CustomAvailabilityZoneNotFound" +// CustomAvailabilityZoneId doesn't refer to an existing custom Availability +// Zone identifier. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeCustomAvailabilityZones +func (c *RDS) DescribeCustomAvailabilityZones(input *DescribeCustomAvailabilityZonesInput) (*DescribeCustomAvailabilityZonesOutput, error) { + req, out := c.DescribeCustomAvailabilityZonesRequest(input) + return out, req.Send() +} + +// DescribeCustomAvailabilityZonesWithContext is the same as DescribeCustomAvailabilityZones with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeCustomAvailabilityZones for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DescribeCustomAvailabilityZonesWithContext(ctx aws.Context, input *DescribeCustomAvailabilityZonesInput, opts ...request.Option) (*DescribeCustomAvailabilityZonesOutput, error) { + req, out := c.DescribeCustomAvailabilityZonesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeCustomAvailabilityZonesPages iterates over the pages of a DescribeCustomAvailabilityZones operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeCustomAvailabilityZones method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeCustomAvailabilityZones operation. +// pageNum := 0 +// err := client.DescribeCustomAvailabilityZonesPages(params, +// func(page *rds.DescribeCustomAvailabilityZonesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *RDS) DescribeCustomAvailabilityZonesPages(input *DescribeCustomAvailabilityZonesInput, fn func(*DescribeCustomAvailabilityZonesOutput, bool) bool) error { + return c.DescribeCustomAvailabilityZonesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeCustomAvailabilityZonesPagesWithContext same as DescribeCustomAvailabilityZonesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DescribeCustomAvailabilityZonesPagesWithContext(ctx aws.Context, input *DescribeCustomAvailabilityZonesInput, fn func(*DescribeCustomAvailabilityZonesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeCustomAvailabilityZonesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeCustomAvailabilityZonesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeCustomAvailabilityZonesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeDBClusterBacktracks = "DescribeDBClusterBacktracks" // DescribeDBClusterBacktracksRequest generates a "aws/request.Request" representing the @@ -4467,7 +5236,8 @@ func (c *RDS) DescribeDBClustersRequest(input *DescribeDBClustersInput) (req *re // For more information on Amazon Aurora, see What Is Amazon Aurora? (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// This action only applies to Aurora DB clusters. +// This operation can also return information for Amazon Neptune DB instances +// and Amazon DocumentDB instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4545,10 +5315,12 @@ func (c *RDS) DescribeDBClustersPagesWithContext(ctx aws.Context, input *Describ }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeDBClustersOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeDBClustersOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -4675,10 +5447,12 @@ func (c *RDS) DescribeDBEngineVersionsPagesWithContext(ctx aws.Context, input *D }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeDBEngineVersionsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeDBEngineVersionsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -4816,10 +5590,12 @@ func (c *RDS) DescribeDBInstanceAutomatedBackupsPagesWithContext(ctx aws.Context }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeDBInstanceAutomatedBackupsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeDBInstanceAutomatedBackupsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -4875,6 +5651,9 @@ func (c *RDS) DescribeDBInstancesRequest(input *DescribeDBInstancesInput) (req * // // Returns information about provisioned RDS instances. This API supports pagination. // +// This operation can also return information for Amazon Neptune DB instances +// and Amazon DocumentDB instances. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -4951,10 +5730,12 @@ func (c *RDS) DescribeDBInstancesPagesWithContext(ctx aws.Context, input *Descri }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeDBInstancesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeDBInstancesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -5086,10 +5867,12 @@ func (c *RDS) DescribeDBLogFilesPagesWithContext(ctx aws.Context, input *Describ }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeDBLogFilesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeDBLogFilesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -5223,10 +6006,12 @@ func (c *RDS) DescribeDBParameterGroupsPagesWithContext(ctx aws.Context, input * }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeDBParameterGroupsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeDBParameterGroupsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -5358,10 +6143,447 @@ func (c *RDS) DescribeDBParametersPagesWithContext(ctx aws.Context, input *Descr }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeDBParametersOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeDBParametersOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeDBProxies = "DescribeDBProxies" + +// DescribeDBProxiesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeDBProxies operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeDBProxies for more information on using the DescribeDBProxies +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeDBProxiesRequest method. +// req, resp := client.DescribeDBProxiesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeDBProxies +func (c *RDS) DescribeDBProxiesRequest(input *DescribeDBProxiesInput) (req *request.Request, output *DescribeDBProxiesOutput) { + op := &request.Operation{ + Name: opDescribeDBProxies, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"Marker"}, + OutputTokens: []string{"Marker"}, + LimitToken: "MaxRecords", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeDBProxiesInput{} + } + + output = &DescribeDBProxiesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeDBProxies API operation for Amazon Relational Database Service. +// +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Returns information about DB proxies. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation DescribeDBProxies for usage and error information. +// +// Returned Error Codes: +// * ErrCodeDBProxyNotFoundFault "DBProxyNotFoundFault" +// The specified proxy name doesn't correspond to a proxy owned by your AWS +// accoutn in the specified AWS Region. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeDBProxies +func (c *RDS) DescribeDBProxies(input *DescribeDBProxiesInput) (*DescribeDBProxiesOutput, error) { + req, out := c.DescribeDBProxiesRequest(input) + return out, req.Send() +} + +// DescribeDBProxiesWithContext is the same as DescribeDBProxies with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeDBProxies for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DescribeDBProxiesWithContext(ctx aws.Context, input *DescribeDBProxiesInput, opts ...request.Option) (*DescribeDBProxiesOutput, error) { + req, out := c.DescribeDBProxiesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeDBProxiesPages iterates over the pages of a DescribeDBProxies operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeDBProxies method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeDBProxies operation. +// pageNum := 0 +// err := client.DescribeDBProxiesPages(params, +// func(page *rds.DescribeDBProxiesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *RDS) DescribeDBProxiesPages(input *DescribeDBProxiesInput, fn func(*DescribeDBProxiesOutput, bool) bool) error { + return c.DescribeDBProxiesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeDBProxiesPagesWithContext same as DescribeDBProxiesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DescribeDBProxiesPagesWithContext(ctx aws.Context, input *DescribeDBProxiesInput, fn func(*DescribeDBProxiesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeDBProxiesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeDBProxiesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeDBProxiesOutput), !p.HasNextPage()) { + break + } } + + return p.Err() +} + +const opDescribeDBProxyTargetGroups = "DescribeDBProxyTargetGroups" + +// DescribeDBProxyTargetGroupsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeDBProxyTargetGroups operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeDBProxyTargetGroups for more information on using the DescribeDBProxyTargetGroups +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeDBProxyTargetGroupsRequest method. +// req, resp := client.DescribeDBProxyTargetGroupsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeDBProxyTargetGroups +func (c *RDS) DescribeDBProxyTargetGroupsRequest(input *DescribeDBProxyTargetGroupsInput) (req *request.Request, output *DescribeDBProxyTargetGroupsOutput) { + op := &request.Operation{ + Name: opDescribeDBProxyTargetGroups, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"Marker"}, + OutputTokens: []string{"Marker"}, + LimitToken: "MaxRecords", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeDBProxyTargetGroupsInput{} + } + + output = &DescribeDBProxyTargetGroupsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeDBProxyTargetGroups API operation for Amazon Relational Database Service. +// +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Returns information about DB proxy target groups, represented by DBProxyTargetGroup +// data structures. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation DescribeDBProxyTargetGroups for usage and error information. +// +// Returned Error Codes: +// * ErrCodeDBProxyTargetGroupNotFoundFault "DBProxyTargetGroupNotFoundFault" +// The specified target group isn't available for a proxy owned by your AWS +// account in the specified AWS Region. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeDBProxyTargetGroups +func (c *RDS) DescribeDBProxyTargetGroups(input *DescribeDBProxyTargetGroupsInput) (*DescribeDBProxyTargetGroupsOutput, error) { + req, out := c.DescribeDBProxyTargetGroupsRequest(input) + return out, req.Send() +} + +// DescribeDBProxyTargetGroupsWithContext is the same as DescribeDBProxyTargetGroups with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeDBProxyTargetGroups for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DescribeDBProxyTargetGroupsWithContext(ctx aws.Context, input *DescribeDBProxyTargetGroupsInput, opts ...request.Option) (*DescribeDBProxyTargetGroupsOutput, error) { + req, out := c.DescribeDBProxyTargetGroupsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeDBProxyTargetGroupsPages iterates over the pages of a DescribeDBProxyTargetGroups operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeDBProxyTargetGroups method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeDBProxyTargetGroups operation. +// pageNum := 0 +// err := client.DescribeDBProxyTargetGroupsPages(params, +// func(page *rds.DescribeDBProxyTargetGroupsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *RDS) DescribeDBProxyTargetGroupsPages(input *DescribeDBProxyTargetGroupsInput, fn func(*DescribeDBProxyTargetGroupsOutput, bool) bool) error { + return c.DescribeDBProxyTargetGroupsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeDBProxyTargetGroupsPagesWithContext same as DescribeDBProxyTargetGroupsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DescribeDBProxyTargetGroupsPagesWithContext(ctx aws.Context, input *DescribeDBProxyTargetGroupsInput, fn func(*DescribeDBProxyTargetGroupsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeDBProxyTargetGroupsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeDBProxyTargetGroupsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeDBProxyTargetGroupsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeDBProxyTargets = "DescribeDBProxyTargets" + +// DescribeDBProxyTargetsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeDBProxyTargets operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeDBProxyTargets for more information on using the DescribeDBProxyTargets +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeDBProxyTargetsRequest method. +// req, resp := client.DescribeDBProxyTargetsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeDBProxyTargets +func (c *RDS) DescribeDBProxyTargetsRequest(input *DescribeDBProxyTargetsInput) (req *request.Request, output *DescribeDBProxyTargetsOutput) { + op := &request.Operation{ + Name: opDescribeDBProxyTargets, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"Marker"}, + OutputTokens: []string{"Marker"}, + LimitToken: "MaxRecords", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeDBProxyTargetsInput{} + } + + output = &DescribeDBProxyTargetsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeDBProxyTargets API operation for Amazon Relational Database Service. +// +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Returns information about DBProxyTarget objects. This API supports pagination. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation DescribeDBProxyTargets for usage and error information. +// +// Returned Error Codes: +// * ErrCodeDBProxyNotFoundFault "DBProxyNotFoundFault" +// The specified proxy name doesn't correspond to a proxy owned by your AWS +// accoutn in the specified AWS Region. +// +// * ErrCodeDBProxyTargetNotFoundFault "DBProxyTargetNotFoundFault" +// The specified RDS DB instance or Aurora DB cluster isn't available for a +// proxy owned by your AWS account in the specified AWS Region. +// +// * ErrCodeDBProxyTargetGroupNotFoundFault "DBProxyTargetGroupNotFoundFault" +// The specified target group isn't available for a proxy owned by your AWS +// account in the specified AWS Region. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeDBProxyTargets +func (c *RDS) DescribeDBProxyTargets(input *DescribeDBProxyTargetsInput) (*DescribeDBProxyTargetsOutput, error) { + req, out := c.DescribeDBProxyTargetsRequest(input) + return out, req.Send() +} + +// DescribeDBProxyTargetsWithContext is the same as DescribeDBProxyTargets with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeDBProxyTargets for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DescribeDBProxyTargetsWithContext(ctx aws.Context, input *DescribeDBProxyTargetsInput, opts ...request.Option) (*DescribeDBProxyTargetsOutput, error) { + req, out := c.DescribeDBProxyTargetsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeDBProxyTargetsPages iterates over the pages of a DescribeDBProxyTargets operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeDBProxyTargets method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeDBProxyTargets operation. +// pageNum := 0 +// err := client.DescribeDBProxyTargetsPages(params, +// func(page *rds.DescribeDBProxyTargetsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *RDS) DescribeDBProxyTargetsPages(input *DescribeDBProxyTargetsInput, fn func(*DescribeDBProxyTargetsOutput, bool) bool) error { + return c.DescribeDBProxyTargetsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeDBProxyTargetsPagesWithContext same as DescribeDBProxyTargetsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DescribeDBProxyTargetsPagesWithContext(ctx aws.Context, input *DescribeDBProxyTargetsInput, fn func(*DescribeDBProxyTargetsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeDBProxyTargetsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeDBProxyTargetsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeDBProxyTargetsOutput), !p.HasNextPage()) { + break + } + } + return p.Err() } @@ -5495,10 +6717,12 @@ func (c *RDS) DescribeDBSecurityGroupsPagesWithContext(ctx aws.Context, input *D }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeDBSecurityGroupsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeDBSecurityGroupsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -5720,10 +6944,12 @@ func (c *RDS) DescribeDBSnapshotsPagesWithContext(ctx aws.Context, input *Descri }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeDBSnapshotsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeDBSnapshotsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -5858,10 +7084,12 @@ func (c *RDS) DescribeDBSubnetGroupsPagesWithContext(ctx aws.Context, input *Des }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeDBSubnetGroupsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeDBSubnetGroupsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -6067,10 +7295,12 @@ func (c *RDS) DescribeEngineDefaultParametersPagesWithContext(ctx aws.Context, i }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeEngineDefaultParametersOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeEngineDefaultParametersOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -6283,10 +7513,12 @@ func (c *RDS) DescribeEventSubscriptionsPagesWithContext(ctx aws.Context, input }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeEventSubscriptionsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeEventSubscriptionsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -6417,10 +7649,150 @@ func (c *RDS) DescribeEventsPagesWithContext(ctx aws.Context, input *DescribeEve }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeEventsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeEventsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeExportTasks = "DescribeExportTasks" + +// DescribeExportTasksRequest generates a "aws/request.Request" representing the +// client's request for the DescribeExportTasks operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeExportTasks for more information on using the DescribeExportTasks +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeExportTasksRequest method. +// req, resp := client.DescribeExportTasksRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeExportTasks +func (c *RDS) DescribeExportTasksRequest(input *DescribeExportTasksInput) (req *request.Request, output *DescribeExportTasksOutput) { + op := &request.Operation{ + Name: opDescribeExportTasks, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"Marker"}, + OutputTokens: []string{"Marker"}, + LimitToken: "MaxRecords", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeExportTasksInput{} + } + + output = &DescribeExportTasksOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeExportTasks API operation for Amazon Relational Database Service. +// +// Returns information about a snapshot export to Amazon S3. This API operation +// supports pagination. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation DescribeExportTasks for usage and error information. +// +// Returned Error Codes: +// * ErrCodeExportTaskNotFoundFault "ExportTaskNotFound" +// The export task doesn't exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeExportTasks +func (c *RDS) DescribeExportTasks(input *DescribeExportTasksInput) (*DescribeExportTasksOutput, error) { + req, out := c.DescribeExportTasksRequest(input) + return out, req.Send() +} + +// DescribeExportTasksWithContext is the same as DescribeExportTasks with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeExportTasks for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DescribeExportTasksWithContext(ctx aws.Context, input *DescribeExportTasksInput, opts ...request.Option) (*DescribeExportTasksOutput, error) { + req, out := c.DescribeExportTasksRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeExportTasksPages iterates over the pages of a DescribeExportTasks operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeExportTasks method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeExportTasks operation. +// pageNum := 0 +// err := client.DescribeExportTasksPages(params, +// func(page *rds.DescribeExportTasksOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *RDS) DescribeExportTasksPages(input *DescribeExportTasksInput, fn func(*DescribeExportTasksOutput, bool) bool) error { + return c.DescribeExportTasksPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeExportTasksPagesWithContext same as DescribeExportTasksPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DescribeExportTasksPagesWithContext(ctx aws.Context, input *DescribeExportTasksInput, fn func(*DescribeExportTasksOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeExportTasksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeExportTasksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeExportTasksOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -6557,10 +7929,150 @@ func (c *RDS) DescribeGlobalClustersPagesWithContext(ctx aws.Context, input *Des }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeGlobalClustersOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeGlobalClustersOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeInstallationMedia = "DescribeInstallationMedia" + +// DescribeInstallationMediaRequest generates a "aws/request.Request" representing the +// client's request for the DescribeInstallationMedia operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeInstallationMedia for more information on using the DescribeInstallationMedia +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeInstallationMediaRequest method. +// req, resp := client.DescribeInstallationMediaRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeInstallationMedia +func (c *RDS) DescribeInstallationMediaRequest(input *DescribeInstallationMediaInput) (req *request.Request, output *DescribeInstallationMediaOutput) { + op := &request.Operation{ + Name: opDescribeInstallationMedia, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"Marker"}, + OutputTokens: []string{"Marker"}, + LimitToken: "MaxRecords", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeInstallationMediaInput{} + } + + output = &DescribeInstallationMediaOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeInstallationMedia API operation for Amazon Relational Database Service. +// +// Describes the available installation media for a DB engine that requires +// an on-premises customer provided license, such as Microsoft SQL Server. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation DescribeInstallationMedia for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInstallationMediaNotFoundFault "InstallationMediaNotFound" +// InstallationMediaID doesn't refer to an existing installation medium. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeInstallationMedia +func (c *RDS) DescribeInstallationMedia(input *DescribeInstallationMediaInput) (*DescribeInstallationMediaOutput, error) { + req, out := c.DescribeInstallationMediaRequest(input) + return out, req.Send() +} + +// DescribeInstallationMediaWithContext is the same as DescribeInstallationMedia with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeInstallationMedia for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DescribeInstallationMediaWithContext(ctx aws.Context, input *DescribeInstallationMediaInput, opts ...request.Option) (*DescribeInstallationMediaOutput, error) { + req, out := c.DescribeInstallationMediaRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeInstallationMediaPages iterates over the pages of a DescribeInstallationMedia operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeInstallationMedia method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeInstallationMedia operation. +// pageNum := 0 +// err := client.DescribeInstallationMediaPages(params, +// func(page *rds.DescribeInstallationMediaOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *RDS) DescribeInstallationMediaPages(input *DescribeInstallationMediaInput, fn func(*DescribeInstallationMediaOutput, bool) bool) error { + return c.DescribeInstallationMediaPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeInstallationMediaPagesWithContext same as DescribeInstallationMediaPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) DescribeInstallationMediaPagesWithContext(ctx aws.Context, input *DescribeInstallationMediaInput, fn func(*DescribeInstallationMediaOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeInstallationMediaInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInstallationMediaRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeInstallationMediaOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -6687,10 +8199,12 @@ func (c *RDS) DescribeOptionGroupOptionsPagesWithContext(ctx aws.Context, input }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeOptionGroupOptionsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeOptionGroupOptionsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -6822,10 +8336,12 @@ func (c *RDS) DescribeOptionGroupsPagesWithContext(ctx aws.Context, input *Descr }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeOptionGroupsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeOptionGroupsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -6952,10 +8468,12 @@ func (c *RDS) DescribeOrderableDBInstanceOptionsPagesWithContext(ctx aws.Context }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeOrderableDBInstanceOptionsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeOrderableDBInstanceOptionsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -7168,10 +8686,12 @@ func (c *RDS) DescribeReservedDBInstancesPagesWithContext(ctx aws.Context, input }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeReservedDBInstancesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeReservedDBInstancesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -7303,10 +8823,12 @@ func (c *RDS) DescribeReservedDBInstancesOfferingsPagesWithContext(ctx aws.Conte }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeReservedDBInstancesOfferingsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeReservedDBInstancesOfferingsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -7601,10 +9123,12 @@ func (c *RDS) DownloadDBLogFilePortionPagesWithContext(ctx aws.Context, input *D }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DownloadDBLogFilePortionOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DownloadDBLogFilePortionOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -7708,6 +9232,90 @@ func (c *RDS) FailoverDBClusterWithContext(ctx aws.Context, input *FailoverDBClu return out, req.Send() } +const opImportInstallationMedia = "ImportInstallationMedia" + +// ImportInstallationMediaRequest generates a "aws/request.Request" representing the +// client's request for the ImportInstallationMedia operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ImportInstallationMedia for more information on using the ImportInstallationMedia +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ImportInstallationMediaRequest method. +// req, resp := client.ImportInstallationMediaRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ImportInstallationMedia +func (c *RDS) ImportInstallationMediaRequest(input *ImportInstallationMediaInput) (req *request.Request, output *ImportInstallationMediaOutput) { + op := &request.Operation{ + Name: opImportInstallationMedia, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ImportInstallationMediaInput{} + } + + output = &ImportInstallationMediaOutput{} + req = c.newRequest(op, input, output) + return +} + +// ImportInstallationMedia API operation for Amazon Relational Database Service. +// +// Imports the installation media for a DB engine that requires an on-premises +// customer provided license, such as SQL Server. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation ImportInstallationMedia for usage and error information. +// +// Returned Error Codes: +// * ErrCodeCustomAvailabilityZoneNotFoundFault "CustomAvailabilityZoneNotFound" +// CustomAvailabilityZoneId doesn't refer to an existing custom Availability +// Zone identifier. +// +// * ErrCodeInstallationMediaAlreadyExistsFault "InstallationMediaAlreadyExists" +// The specified installation medium has already been imported. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ImportInstallationMedia +func (c *RDS) ImportInstallationMedia(input *ImportInstallationMediaInput) (*ImportInstallationMediaOutput, error) { + req, out := c.ImportInstallationMediaRequest(input) + return out, req.Send() +} + +// ImportInstallationMediaWithContext is the same as ImportInstallationMedia with the addition of +// the ability to pass a context and additional request options. +// +// See ImportInstallationMedia for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) ImportInstallationMediaWithContext(ctx aws.Context, input *ImportInstallationMediaInput, opts ...request.Option) (*ImportInstallationMediaOutput, error) { + req, out := c.ImportInstallationMediaRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opListTagsForResource = "ListTagsForResource" // ListTagsForResourceRequest generates a "aws/request.Request" representing the @@ -7797,6 +9405,111 @@ func (c *RDS) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsFor return out, req.Send() } +const opModifyCertificates = "ModifyCertificates" + +// ModifyCertificatesRequest generates a "aws/request.Request" representing the +// client's request for the ModifyCertificates operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyCertificates for more information on using the ModifyCertificates +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyCertificatesRequest method. +// req, resp := client.ModifyCertificatesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ModifyCertificates +func (c *RDS) ModifyCertificatesRequest(input *ModifyCertificatesInput) (req *request.Request, output *ModifyCertificatesOutput) { + op := &request.Operation{ + Name: opModifyCertificates, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyCertificatesInput{} + } + + output = &ModifyCertificatesOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyCertificates API operation for Amazon Relational Database Service. +// +// Override the system-default Secure Sockets Layer/Transport Layer Security +// (SSL/TLS) certificate for Amazon RDS for new DB instances temporarily, or +// remove the override. +// +// By using this operation, you can specify an RDS-approved SSL/TLS certificate +// for new DB instances that is different from the default certificate provided +// by RDS. You can also use this operation to remove the override, so that new +// DB instances use the default certificate provided by RDS. +// +// You might need to override the default certificate in the following situations: +// +// * You already migrated your applications to support the latest certificate +// authority (CA) certificate, but the new CA certificate is not yet the +// RDS default CA certificate for the specified AWS Region. +// +// * RDS has already moved to a new default CA certificate for the specified +// AWS Region, but you are still in the process of supporting the new CA +// certificate. In this case, you temporarily need additional time to finish +// your application changes. +// +// For more information about rotating your SSL/TLS certificate for RDS DB engines, +// see Rotating Your SSL/TLS Certificate (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) +// in the Amazon RDS User Guide. +// +// For more information about rotating your SSL/TLS certificate for Aurora DB +// engines, see Rotating Your SSL/TLS Certificate (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) +// in the Amazon Aurora User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation ModifyCertificates for usage and error information. +// +// Returned Error Codes: +// * ErrCodeCertificateNotFoundFault "CertificateNotFound" +// CertificateIdentifier doesn't refer to an existing certificate. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ModifyCertificates +func (c *RDS) ModifyCertificates(input *ModifyCertificatesInput) (*ModifyCertificatesOutput, error) { + req, out := c.ModifyCertificatesRequest(input) + return out, req.Send() +} + +// ModifyCertificatesWithContext is the same as ModifyCertificates with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyCertificates for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) ModifyCertificatesWithContext(ctx aws.Context, input *ModifyCertificatesInput, opts ...request.Option) (*ModifyCertificatesOutput, error) { + req, out := c.ModifyCertificatesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyCurrentDBClusterCapacity = "ModifyCurrentDBClusterCapacity" // ModifyCurrentDBClusterCapacityRequest generates a "aws/request.Request" representing the @@ -8186,6 +9899,12 @@ func (c *RDS) ModifyDBClusterParameterGroupRequest(input *ModifyDBClusterParamet // or the DescribeDBClusterParameters action to verify that your DB cluster // parameter group has been created or modified. // +// If the modified DB cluster parameter group is used by an Aurora Serverless +// cluster, Aurora applies the update immediately. The cluster restart might +// interrupt your workload. In that case, your application must reopen any connections +// and retry any transactions that were active when the parameter changes took +// effect. +// // This action only applies to Aurora DB clusters. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -8430,11 +10149,11 @@ func (c *RDS) ModifyDBInstanceRequest(input *ModifyDBInstanceInput) (req *reques // Storage of the StorageType specified can't be associated with the DB instance. // // * ErrCodeAuthorizationNotFoundFault "AuthorizationNotFound" -// The specified CIDRIP or Amazon EC2 security group isn't authorized for the -// specified DB security group. +// The specified CIDR IP range or Amazon EC2 security group might not be authorized +// for the specified DB security group. // -// RDS also may not be authorized by using IAM to perform necessary actions -// on your behalf. +// Or, RDS might not be authorized to perform necessary actions using IAM on +// your behalf. // // * ErrCodeCertificateNotFoundFault "CertificateNotFound" // CertificateIdentifier doesn't refer to an existing certificate. @@ -8567,6 +10286,185 @@ func (c *RDS) ModifyDBParameterGroupWithContext(ctx aws.Context, input *ModifyDB return out, req.Send() } +const opModifyDBProxy = "ModifyDBProxy" + +// ModifyDBProxyRequest generates a "aws/request.Request" representing the +// client's request for the ModifyDBProxy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyDBProxy for more information on using the ModifyDBProxy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyDBProxyRequest method. +// req, resp := client.ModifyDBProxyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ModifyDBProxy +func (c *RDS) ModifyDBProxyRequest(input *ModifyDBProxyInput) (req *request.Request, output *ModifyDBProxyOutput) { + op := &request.Operation{ + Name: opModifyDBProxy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyDBProxyInput{} + } + + output = &ModifyDBProxyOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyDBProxy API operation for Amazon Relational Database Service. +// +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Changes the settings for an existing DB proxy. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation ModifyDBProxy for usage and error information. +// +// Returned Error Codes: +// * ErrCodeDBProxyNotFoundFault "DBProxyNotFoundFault" +// The specified proxy name doesn't correspond to a proxy owned by your AWS +// accoutn in the specified AWS Region. +// +// * ErrCodeDBProxyAlreadyExistsFault "DBProxyAlreadyExistsFault" +// The specified proxy name must be unique for all proxies owned by your AWS +// account in the specified AWS Region. +// +// * ErrCodeInvalidDBProxyStateFault "InvalidDBProxyStateFault" +// The requested operation can't be performed while the proxy is in this state. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ModifyDBProxy +func (c *RDS) ModifyDBProxy(input *ModifyDBProxyInput) (*ModifyDBProxyOutput, error) { + req, out := c.ModifyDBProxyRequest(input) + return out, req.Send() +} + +// ModifyDBProxyWithContext is the same as ModifyDBProxy with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyDBProxy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) ModifyDBProxyWithContext(ctx aws.Context, input *ModifyDBProxyInput, opts ...request.Option) (*ModifyDBProxyOutput, error) { + req, out := c.ModifyDBProxyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opModifyDBProxyTargetGroup = "ModifyDBProxyTargetGroup" + +// ModifyDBProxyTargetGroupRequest generates a "aws/request.Request" representing the +// client's request for the ModifyDBProxyTargetGroup operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyDBProxyTargetGroup for more information on using the ModifyDBProxyTargetGroup +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyDBProxyTargetGroupRequest method. +// req, resp := client.ModifyDBProxyTargetGroupRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ModifyDBProxyTargetGroup +func (c *RDS) ModifyDBProxyTargetGroupRequest(input *ModifyDBProxyTargetGroupInput) (req *request.Request, output *ModifyDBProxyTargetGroupOutput) { + op := &request.Operation{ + Name: opModifyDBProxyTargetGroup, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyDBProxyTargetGroupInput{} + } + + output = &ModifyDBProxyTargetGroupOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyDBProxyTargetGroup API operation for Amazon Relational Database Service. +// +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Modifies the properties of a DBProxyTargetGroup. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation ModifyDBProxyTargetGroup for usage and error information. +// +// Returned Error Codes: +// * ErrCodeDBProxyNotFoundFault "DBProxyNotFoundFault" +// The specified proxy name doesn't correspond to a proxy owned by your AWS +// accoutn in the specified AWS Region. +// +// * ErrCodeDBProxyTargetGroupNotFoundFault "DBProxyTargetGroupNotFoundFault" +// The specified target group isn't available for a proxy owned by your AWS +// account in the specified AWS Region. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ModifyDBProxyTargetGroup +func (c *RDS) ModifyDBProxyTargetGroup(input *ModifyDBProxyTargetGroupInput) (*ModifyDBProxyTargetGroupOutput, error) { + req, out := c.ModifyDBProxyTargetGroupRequest(input) + return out, req.Send() +} + +// ModifyDBProxyTargetGroupWithContext is the same as ModifyDBProxyTargetGroup with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyDBProxyTargetGroup for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) ModifyDBProxyTargetGroupWithContext(ctx aws.Context, input *ModifyDBProxyTargetGroupInput, opts ...request.Option) (*ModifyDBProxyTargetGroupOutput, error) { + req, out := c.ModifyDBProxyTargetGroupRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyDBSnapshot = "ModifyDBSnapshot" // ModifyDBSnapshotRequest generates a "aws/request.Request" representing the @@ -8614,7 +10512,7 @@ func (c *RDS) ModifyDBSnapshotRequest(input *ModifyDBSnapshotInput) (req *reques // Updates a manual DB snapshot, which can be encrypted or not encrypted, with // a new engine version. // -// Amazon RDS supports upgrading DB snapshots for MySQL and Oracle. +// Amazon RDS supports upgrading DB snapshots for MySQL, Oracle, and PostgreSQL. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8890,9 +10788,9 @@ func (c *RDS) ModifyEventSubscriptionRequest(input *ModifyEventSubscriptionInput // ModifyEventSubscription API operation for Amazon Relational Database Service. // -// Modifies an existing RDS event notification subscription. Note that you can't -// modify the source identifiers using this call; to change source identifiers -// for a subscription, use the AddSourceIdentifierToSubscription and RemoveSourceIdentifierFromSubscription +// Modifies an existing RDS event notification subscription. You can't modify +// the source identifiers using this call. To change source identifiers for +// a subscription, use the AddSourceIdentifierToSubscription and RemoveSourceIdentifierFromSubscription // calls. // // You can see a list of the event categories for a given SourceType in the @@ -9470,6 +11368,110 @@ func (c *RDS) RebootDBInstanceWithContext(ctx aws.Context, input *RebootDBInstan return out, req.Send() } +const opRegisterDBProxyTargets = "RegisterDBProxyTargets" + +// RegisterDBProxyTargetsRequest generates a "aws/request.Request" representing the +// client's request for the RegisterDBProxyTargets operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See RegisterDBProxyTargets for more information on using the RegisterDBProxyTargets +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the RegisterDBProxyTargetsRequest method. +// req, resp := client.RegisterDBProxyTargetsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/RegisterDBProxyTargets +func (c *RDS) RegisterDBProxyTargetsRequest(input *RegisterDBProxyTargetsInput) (req *request.Request, output *RegisterDBProxyTargetsOutput) { + op := &request.Operation{ + Name: opRegisterDBProxyTargets, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &RegisterDBProxyTargetsInput{} + } + + output = &RegisterDBProxyTargetsOutput{} + req = c.newRequest(op, input, output) + return +} + +// RegisterDBProxyTargets API operation for Amazon Relational Database Service. +// +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Associate one or more DBProxyTarget data structures with a DBProxyTargetGroup. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation RegisterDBProxyTargets for usage and error information. +// +// Returned Error Codes: +// * ErrCodeDBProxyNotFoundFault "DBProxyNotFoundFault" +// The specified proxy name doesn't correspond to a proxy owned by your AWS +// accoutn in the specified AWS Region. +// +// * ErrCodeDBProxyTargetGroupNotFoundFault "DBProxyTargetGroupNotFoundFault" +// The specified target group isn't available for a proxy owned by your AWS +// account in the specified AWS Region. +// +// * ErrCodeDBClusterNotFoundFault "DBClusterNotFoundFault" +// DBClusterIdentifier doesn't refer to an existing DB cluster. +// +// * ErrCodeDBInstanceNotFoundFault "DBInstanceNotFound" +// DBInstanceIdentifier doesn't refer to an existing DB instance. +// +// * ErrCodeDBProxyTargetAlreadyRegisteredFault "DBProxyTargetAlreadyRegisteredFault" +// The proxy is already associated with the specified RDS DB instance or Aurora +// DB cluster. +// +// * ErrCodeInvalidDBInstanceStateFault "InvalidDBInstanceState" +// The DB instance isn't in a valid state. +// +// * ErrCodeInvalidDBClusterStateFault "InvalidDBClusterStateFault" +// The requested operation can't be performed while the cluster is in this state. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/RegisterDBProxyTargets +func (c *RDS) RegisterDBProxyTargets(input *RegisterDBProxyTargetsInput) (*RegisterDBProxyTargetsOutput, error) { + req, out := c.RegisterDBProxyTargetsRequest(input) + return out, req.Send() +} + +// RegisterDBProxyTargetsWithContext is the same as RegisterDBProxyTargets with the addition of +// the ability to pass a context and additional request options. +// +// See RegisterDBProxyTargets for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) RegisterDBProxyTargetsWithContext(ctx aws.Context, input *RegisterDBProxyTargetsInput, opts ...request.Option) (*RegisterDBProxyTargetsOutput, error) { + req, out := c.RegisterDBProxyTargetsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opRemoveFromGlobalCluster = "RemoveFromGlobalCluster" // RemoveFromGlobalClusterRequest generates a "aws/request.Request" representing the @@ -9710,7 +11712,7 @@ func (c *RDS) RemoveRoleFromDBInstanceRequest(input *RemoveRoleFromDBInstanceInp // DBInstanceIdentifier doesn't refer to an existing DB instance. // // * ErrCodeDBInstanceRoleNotFoundFault "DBInstanceRoleNotFound" -// The specified RoleArn value doesn't match the specifed feature for the DB +// The specified RoleArn value doesn't match the specified feature for the DB // instance. // // * ErrCodeInvalidDBInstanceStateFault "InvalidDBInstanceState" @@ -10275,21 +12277,22 @@ func (c *RDS) RestoreDBClusterFromSnapshotRequest(input *RestoreDBClusterFromSna // RestoreDBClusterFromSnapshot API operation for Amazon Relational Database Service. // -// Creates a new DB cluster from a DB snapshot or DB cluster snapshot. +// Creates a new DB cluster from a DB snapshot or DB cluster snapshot. This +// action only applies to Aurora DB clusters. // -// If a DB snapshot is specified, the target DB cluster is created from the -// source DB snapshot with a default configuration and default security group. +// The target DB cluster is created from the source snapshot with a default +// configuration. If you don't specify a security group, the new DB cluster +// is associated with the default security group. // -// If a DB cluster snapshot is specified, the target DB cluster is created from -// the source DB cluster restore point with the same configuration as the original -// source DB cluster, except that the new DB cluster is created with the default -// security group. +// This action only restores the DB cluster, not the DB instances for that DB +// cluster. You must invoke the CreateDBInstance action to create DB instances +// for the restored DB cluster, specifying the identifier of the restored DB +// cluster in DBClusterIdentifier. You can create DB instances only after the +// RestoreDBClusterFromSnapshot action has completed and the DB cluster is available. // // For more information on Amazon Aurora, see What Is Amazon Aurora? (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// This action only applies to Aurora DB clusters. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -10661,11 +12664,11 @@ func (c *RDS) RestoreDBInstanceFromDBSnapshotRequest(input *RestoreDBInstanceFro // Storage of the StorageType specified can't be associated with the DB instance. // // * ErrCodeAuthorizationNotFoundFault "AuthorizationNotFound" -// The specified CIDRIP or Amazon EC2 security group isn't authorized for the -// specified DB security group. +// The specified CIDR IP range or Amazon EC2 security group might not be authorized +// for the specified DB security group. // -// RDS also may not be authorized by using IAM to perform necessary actions -// on your behalf. +// Or, RDS might not be authorized to perform necessary actions using IAM on +// your behalf. // // * ErrCodeKMSKeyNotAccessibleFault "KMSKeyNotAccessibleFault" // An error occurred accessing an AWS KMS key. @@ -10813,11 +12816,11 @@ func (c *RDS) RestoreDBInstanceFromS3Request(input *RestoreDBInstanceFromS3Input // Storage of the StorageType specified can't be associated with the DB instance. // // * ErrCodeAuthorizationNotFoundFault "AuthorizationNotFound" -// The specified CIDRIP or Amazon EC2 security group isn't authorized for the -// specified DB security group. +// The specified CIDR IP range or Amazon EC2 security group might not be authorized +// for the specified DB security group. // -// RDS also may not be authorized by using IAM to perform necessary actions -// on your behalf. +// Or, RDS might not be authorized to perform necessary actions using IAM on +// your behalf. // // * ErrCodeKMSKeyNotAccessibleFault "KMSKeyNotAccessibleFault" // An error occurred accessing an AWS KMS key. @@ -10966,11 +12969,11 @@ func (c *RDS) RestoreDBInstanceToPointInTimeRequest(input *RestoreDBInstanceToPo // Storage of the StorageType specified can't be associated with the DB instance. // // * ErrCodeAuthorizationNotFoundFault "AuthorizationNotFound" -// The specified CIDRIP or Amazon EC2 security group isn't authorized for the -// specified DB security group. +// The specified CIDR IP range or Amazon EC2 security group might not be authorized +// for the specified DB security group. // -// RDS also may not be authorized by using IAM to perform necessary actions -// on your behalf. +// Or, RDS might not be authorized to perform necessary actions using IAM on +// your behalf. // // * ErrCodeKMSKeyNotAccessibleFault "KMSKeyNotAccessibleFault" // An error occurred accessing an AWS KMS key. @@ -11072,11 +13075,11 @@ func (c *RDS) RevokeDBSecurityGroupIngressRequest(input *RevokeDBSecurityGroupIn // DBSecurityGroupName doesn't refer to an existing DB security group. // // * ErrCodeAuthorizationNotFoundFault "AuthorizationNotFound" -// The specified CIDRIP or Amazon EC2 security group isn't authorized for the -// specified DB security group. +// The specified CIDR IP range or Amazon EC2 security group might not be authorized +// for the specified DB security group. // -// RDS also may not be authorized by using IAM to perform necessary actions -// on your behalf. +// Or, RDS might not be authorized to perform necessary actions using IAM on +// your behalf. // // * ErrCodeInvalidDBSecurityGroupStateFault "InvalidDBSecurityGroupState" // The state of the DB security group doesn't allow deletion. @@ -11384,11 +13387,11 @@ func (c *RDS) StartDBInstanceRequest(input *StartDBInstanceInput) (req *request. // DBClusterIdentifier doesn't refer to an existing DB cluster. // // * ErrCodeAuthorizationNotFoundFault "AuthorizationNotFound" -// The specified CIDRIP or Amazon EC2 security group isn't authorized for the -// specified DB security group. +// The specified CIDR IP range or Amazon EC2 security group might not be authorized +// for the specified DB security group. // -// RDS also may not be authorized by using IAM to perform necessary actions -// on your behalf. +// Or, RDS might not be authorized to perform necessary actions using IAM on +// your behalf. // // * ErrCodeKMSKeyNotAccessibleFault "KMSKeyNotAccessibleFault" // An error occurred accessing an AWS KMS key. @@ -11415,6 +13418,113 @@ func (c *RDS) StartDBInstanceWithContext(ctx aws.Context, input *StartDBInstance return out, req.Send() } +const opStartExportTask = "StartExportTask" + +// StartExportTaskRequest generates a "aws/request.Request" representing the +// client's request for the StartExportTask operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartExportTask for more information on using the StartExportTask +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StartExportTaskRequest method. +// req, resp := client.StartExportTaskRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StartExportTask +func (c *RDS) StartExportTaskRequest(input *StartExportTaskInput) (req *request.Request, output *StartExportTaskOutput) { + op := &request.Operation{ + Name: opStartExportTask, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StartExportTaskInput{} + } + + output = &StartExportTaskOutput{} + req = c.newRequest(op, input, output) + return +} + +// StartExportTask API operation for Amazon Relational Database Service. +// +// Starts an export of a snapshot to Amazon S3. The provided IAM role must have +// access to the S3 bucket. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Relational Database Service's +// API operation StartExportTask for usage and error information. +// +// Returned Error Codes: +// * ErrCodeDBSnapshotNotFoundFault "DBSnapshotNotFound" +// DBSnapshotIdentifier doesn't refer to an existing DB snapshot. +// +// * ErrCodeDBClusterSnapshotNotFoundFault "DBClusterSnapshotNotFoundFault" +// DBClusterSnapshotIdentifier doesn't refer to an existing DB cluster snapshot. +// +// * ErrCodeExportTaskAlreadyExistsFault "ExportTaskAlreadyExists" +// You can't start an export task that's already running. +// +// * ErrCodeInvalidS3BucketFault "InvalidS3BucketFault" +// The specified Amazon S3 bucket name can't be found or Amazon RDS isn't authorized +// to access the specified Amazon S3 bucket. Verify the SourceS3BucketName and +// S3IngestionRoleArn values and try again. +// +// * ErrCodeIamRoleNotFoundFault "IamRoleNotFound" +// The IAM role is missing for exporting to an Amazon S3 bucket. +// +// * ErrCodeIamRoleMissingPermissionsFault "IamRoleMissingPermissions" +// The IAM role requires additional permissions to export to an Amazon S3 bucket. +// +// * ErrCodeInvalidExportOnlyFault "InvalidExportOnly" +// The export is invalid for exporting to an Amazon S3 bucket. +// +// * ErrCodeKMSKeyNotAccessibleFault "KMSKeyNotAccessibleFault" +// An error occurred accessing an AWS KMS key. +// +// * ErrCodeInvalidExportSourceStateFault "InvalidExportSourceState" +// The state of the export snapshot is invalid for exporting to an Amazon S3 +// bucket. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StartExportTask +func (c *RDS) StartExportTask(input *StartExportTaskInput) (*StartExportTaskOutput, error) { + req, out := c.StartExportTaskRequest(input) + return out, req.Send() +} + +// StartExportTaskWithContext is the same as StartExportTask with the addition of +// the ability to pass a context and additional request options. +// +// See StartExportTask for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *RDS) StartExportTaskWithContext(ctx aws.Context, input *StartExportTaskInput, opts ...request.Option) (*StartExportTaskOutput, error) { + req, out := c.StartExportTaskRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opStopActivityStream = "StopActivityStream" // StopActivityStreamRequest generates a "aws/request.Request" representing the @@ -11739,7 +13849,9 @@ func (c *RDS) StopDBInstanceWithContext(ctx aws.Context, input *StopDBInstanceIn // a lower number of associated IAM roles. // // * DBInstances - The number of DB instances per account. The used value -// is the count of the DB instances in the account. +// is the count of the DB instances in the account. Amazon RDS DB instances, +// Amazon Aurora DB instances, Amazon Neptune instances, and Amazon DocumentDB +// instances apply to this quota. // // * DBParameterGroups - The number of DB parameter groups per account, excluding // default parameter groups. The used value is the count of nondefault DB @@ -11776,8 +13888,8 @@ func (c *RDS) StopDBInstanceWithContext(ctx aws.Context, input *StopDBInstanceIn // account. Other DB subnet groups in the account might have a lower number // of subnets. // -// For more information, see Limits (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html) -// in the Amazon RDS User Guide and Limits (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html) +// For more information, see Quotas for Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html) +// in the Amazon RDS User Guide and Quotas for Amazon Aurora (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html) // in the Amazon Aurora User Guide. type AccountQuota struct { _ struct{} `type:"structure"` @@ -12143,7 +14255,7 @@ type ApplyPendingMaintenanceActionInput struct { // The pending maintenance action to apply to this resource. // - // Valid values: system-update, db-upgrade, hardware-maintenance + // Valid values: system-update, db-upgrade, hardware-maintenance, ca-certificate-rotation // // ApplyAction is a required field ApplyAction *string `type:"string" required:"true"` @@ -12263,7 +14375,7 @@ type AuthorizeDBSecurityGroupIngressInput struct { EC2SecurityGroupName *string `type:"string"` // AWS account number of the owner of the EC2 security group specified in the - // EC2SecurityGroupName parameter. The AWS Access Key ID is not an acceptable + // EC2SecurityGroupName parameter. The AWS access key ID isn't an acceptable // value. For VPC DB security groups, EC2SecurityGroupId must be provided. Otherwise, // EC2SecurityGroupOwnerId and either EC2SecurityGroupName or EC2SecurityGroupId // must be provided. @@ -12430,7 +14542,7 @@ type BacktrackDBClusterInput struct { // 8601 format. For more information about ISO 8601, see the ISO8601 Wikipedia // page. (http://en.wikipedia.org/wiki/ISO_8601) // - // If the specified time is not a consistent time for the DB cluster, Aurora + // If the specified time isn't a consistent time for the DB cluster, Aurora // automatically chooses the nearest possible consistent time for the DB cluster. // // Constraints: @@ -12606,6 +14718,214 @@ func (s *BacktrackDBClusterOutput) SetStatus(v string) *BacktrackDBClusterOutput return s } +type CancelExportTaskInput struct { + _ struct{} `type:"structure"` + + // The identifier of the snapshot export task to cancel. + // + // ExportTaskIdentifier is a required field + ExportTaskIdentifier *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s CancelExportTaskInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CancelExportTaskInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CancelExportTaskInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CancelExportTaskInput"} + if s.ExportTaskIdentifier == nil { + invalidParams.Add(request.NewErrParamRequired("ExportTaskIdentifier")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetExportTaskIdentifier sets the ExportTaskIdentifier field's value. +func (s *CancelExportTaskInput) SetExportTaskIdentifier(v string) *CancelExportTaskInput { + s.ExportTaskIdentifier = &v + return s +} + +// Contains the details of a snapshot export to Amazon S3. +// +// This data type is used as a response element in the DescribeExportTasks action. +type CancelExportTaskOutput struct { + _ struct{} `type:"structure"` + + // The data exported from the snapshot. Valid values are the following: + // + // * database - Export all the data of the snapshot. + // + // * database.table [table-name] - Export a table of the snapshot. + // + // * database.schema [schema-name] - Export a database schema of the snapshot. + // This value isn't valid for RDS for MySQL, RDS for MariaDB, or Aurora MySQL. + // + // * database.schema.table [table-name] - Export a table of the database + // schema. This value isn't valid for RDS for MySQL, RDS for MariaDB, or + // Aurora MySQL. + ExportOnly []*string `type:"list"` + + // A unique identifier for the snapshot export task. This ID isn't an identifier + // for the Amazon S3 bucket where the snapshot is exported to. + ExportTaskIdentifier *string `type:"string"` + + // The reason the export failed, if it failed. + FailureCause *string `type:"string"` + + // The name of the IAM role that is used to write to Amazon S3 when exporting + // a snapshot. + IamRoleArn *string `type:"string"` + + // The ID of the AWS KMS key that is used to encrypt the snapshot when it's + // exported to Amazon S3. The KMS key ID is the Amazon Resource Name (ARN), + // the KMS key identifier, or the KMS key alias for the KMS encryption key. + // The IAM role used for the snapshot export must have encryption and decryption + // permissions to use this KMS key. + KmsKeyId *string `type:"string"` + + // The progress of the snapshot export task as a percentage. + PercentProgress *int64 `type:"integer"` + + // The Amazon S3 bucket that the snapshot is exported to. + S3Bucket *string `type:"string"` + + // The Amazon S3 bucket prefix that is the file name and path of the exported + // snapshot. + S3Prefix *string `type:"string"` + + // The time that the snapshot was created. + SnapshotTime *time.Time `type:"timestamp"` + + // The Amazon Resource Name (ARN) of the snapshot exported to Amazon S3. + SourceArn *string `type:"string"` + + // The progress status of the export task. + Status *string `type:"string"` + + // The time that the snapshot export task completed. + TaskEndTime *time.Time `type:"timestamp"` + + // The time that the snapshot export task started. + TaskStartTime *time.Time `type:"timestamp"` + + // The total amount of data exported, in gigabytes. + TotalExtractedDataInGB *int64 `type:"integer"` + + // A warning about the snapshot export task. + WarningMessage *string `type:"string"` +} + +// String returns the string representation +func (s CancelExportTaskOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CancelExportTaskOutput) GoString() string { + return s.String() +} + +// SetExportOnly sets the ExportOnly field's value. +func (s *CancelExportTaskOutput) SetExportOnly(v []*string) *CancelExportTaskOutput { + s.ExportOnly = v + return s +} + +// SetExportTaskIdentifier sets the ExportTaskIdentifier field's value. +func (s *CancelExportTaskOutput) SetExportTaskIdentifier(v string) *CancelExportTaskOutput { + s.ExportTaskIdentifier = &v + return s +} + +// SetFailureCause sets the FailureCause field's value. +func (s *CancelExportTaskOutput) SetFailureCause(v string) *CancelExportTaskOutput { + s.FailureCause = &v + return s +} + +// SetIamRoleArn sets the IamRoleArn field's value. +func (s *CancelExportTaskOutput) SetIamRoleArn(v string) *CancelExportTaskOutput { + s.IamRoleArn = &v + return s +} + +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *CancelExportTaskOutput) SetKmsKeyId(v string) *CancelExportTaskOutput { + s.KmsKeyId = &v + return s +} + +// SetPercentProgress sets the PercentProgress field's value. +func (s *CancelExportTaskOutput) SetPercentProgress(v int64) *CancelExportTaskOutput { + s.PercentProgress = &v + return s +} + +// SetS3Bucket sets the S3Bucket field's value. +func (s *CancelExportTaskOutput) SetS3Bucket(v string) *CancelExportTaskOutput { + s.S3Bucket = &v + return s +} + +// SetS3Prefix sets the S3Prefix field's value. +func (s *CancelExportTaskOutput) SetS3Prefix(v string) *CancelExportTaskOutput { + s.S3Prefix = &v + return s +} + +// SetSnapshotTime sets the SnapshotTime field's value. +func (s *CancelExportTaskOutput) SetSnapshotTime(v time.Time) *CancelExportTaskOutput { + s.SnapshotTime = &v + return s +} + +// SetSourceArn sets the SourceArn field's value. +func (s *CancelExportTaskOutput) SetSourceArn(v string) *CancelExportTaskOutput { + s.SourceArn = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *CancelExportTaskOutput) SetStatus(v string) *CancelExportTaskOutput { + s.Status = &v + return s +} + +// SetTaskEndTime sets the TaskEndTime field's value. +func (s *CancelExportTaskOutput) SetTaskEndTime(v time.Time) *CancelExportTaskOutput { + s.TaskEndTime = &v + return s +} + +// SetTaskStartTime sets the TaskStartTime field's value. +func (s *CancelExportTaskOutput) SetTaskStartTime(v time.Time) *CancelExportTaskOutput { + s.TaskStartTime = &v + return s +} + +// SetTotalExtractedDataInGB sets the TotalExtractedDataInGB field's value. +func (s *CancelExportTaskOutput) SetTotalExtractedDataInGB(v int64) *CancelExportTaskOutput { + s.TotalExtractedDataInGB = &v + return s +} + +// SetWarningMessage sets the WarningMessage field's value. +func (s *CancelExportTaskOutput) SetWarningMessage(v string) *CancelExportTaskOutput { + s.WarningMessage = &v + return s +} + // A CA certificate for an AWS account. type Certificate struct { _ struct{} `type:"structure"` @@ -12619,6 +14939,13 @@ type Certificate struct { // The type of the certificate. CertificateType *string `type:"string"` + // Whether there is an override for the default certificate identifier. + CustomerOverride *bool `type:"boolean"` + + // If there is an override for the default certificate identifier, when the + // override expires. + CustomerOverrideValidTill *time.Time `type:"timestamp"` + // The thumbprint of the certificate. Thumbprint *string `type:"string"` @@ -12657,6 +14984,18 @@ func (s *Certificate) SetCertificateType(v string) *Certificate { return s } +// SetCustomerOverride sets the CustomerOverride field's value. +func (s *Certificate) SetCustomerOverride(v bool) *Certificate { + s.CustomerOverride = &v + return s +} + +// SetCustomerOverrideValidTill sets the CustomerOverrideValidTill field's value. +func (s *Certificate) SetCustomerOverrideValidTill(v time.Time) *Certificate { + s.CustomerOverrideValidTill = &v + return s +} + // SetThumbprint sets the Thumbprint field's value. func (s *Certificate) SetThumbprint(v string) *Certificate { s.Thumbprint = &v @@ -12748,6 +15087,186 @@ func (s *CloudwatchLogsExportConfiguration) SetEnableLogTypes(v []*string) *Clou return s } +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Specifies the settings that control the size and behavior of the connection +// pool associated with a DBProxyTargetGroup. +type ConnectionPoolConfiguration struct { + _ struct{} `type:"structure"` + + // The number of seconds for a proxy to wait for a connection to become available + // in the connection pool. Only applies when the proxy has opened its maximum + // number of connections and all connections are busy with client sessions. + // + // Default: 120 + // + // Constraints: between 1 and 3600, or 0 representing unlimited + ConnectionBorrowTimeout *int64 `type:"integer"` + + // One or more SQL statements for the proxy to run when opening each new database + // connection. Typically used with SET statements to make sure that each connection + // has identical settings such as time zone and character set. For multiple + // statements, use semicolons as the separator. You can also include multiple + // variables in a single SET statement, such as SET x=1, y=2. + // + // Default: no initialization query + InitQuery *string `type:"string"` + + // The maximum size of the connection pool for each target in a target group. + // For Aurora MySQL, it is expressed as a percentage of the max_connections + // setting for the RDS DB instance or Aurora DB cluster used by the target group. + // + // Default: 100 + // + // Constraints: between 1 and 100 + MaxConnectionsPercent *int64 `type:"integer"` + + // Controls how actively the proxy closes idle database connections in the connection + // pool. A high value enables the proxy to leave a high percentage of idle connections + // open. A low value causes the proxy to close idle client connections and return + // the underlying database connections to the connection pool. For Aurora MySQL, + // it is expressed as a percentage of the max_connections setting for the RDS + // DB instance or Aurora DB cluster used by the target group. + // + // Default: 50 + // + // Constraints: between 0 and MaxConnectionsPercent + MaxIdleConnectionsPercent *int64 `type:"integer"` + + // Each item in the list represents a class of SQL operations that normally + // cause all later statements in a session using a proxy to be pinned to the + // same underlying database connection. Including an item in the list exempts + // that class of SQL operations from the pinning behavior. + // + // Default: no session pinning filters + SessionPinningFilters []*string `type:"list"` +} + +// String returns the string representation +func (s ConnectionPoolConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ConnectionPoolConfiguration) GoString() string { + return s.String() +} + +// SetConnectionBorrowTimeout sets the ConnectionBorrowTimeout field's value. +func (s *ConnectionPoolConfiguration) SetConnectionBorrowTimeout(v int64) *ConnectionPoolConfiguration { + s.ConnectionBorrowTimeout = &v + return s +} + +// SetInitQuery sets the InitQuery field's value. +func (s *ConnectionPoolConfiguration) SetInitQuery(v string) *ConnectionPoolConfiguration { + s.InitQuery = &v + return s +} + +// SetMaxConnectionsPercent sets the MaxConnectionsPercent field's value. +func (s *ConnectionPoolConfiguration) SetMaxConnectionsPercent(v int64) *ConnectionPoolConfiguration { + s.MaxConnectionsPercent = &v + return s +} + +// SetMaxIdleConnectionsPercent sets the MaxIdleConnectionsPercent field's value. +func (s *ConnectionPoolConfiguration) SetMaxIdleConnectionsPercent(v int64) *ConnectionPoolConfiguration { + s.MaxIdleConnectionsPercent = &v + return s +} + +// SetSessionPinningFilters sets the SessionPinningFilters field's value. +func (s *ConnectionPoolConfiguration) SetSessionPinningFilters(v []*string) *ConnectionPoolConfiguration { + s.SessionPinningFilters = v + return s +} + +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Displays the settings that control the size and behavior of the connection +// pool associated with a DBProxyTarget. +type ConnectionPoolConfigurationInfo struct { + _ struct{} `type:"structure"` + + // The number of seconds for a proxy to wait for a connection to become available + // in the connection pool. Only applies when the proxy has opened its maximum + // number of connections and all connections are busy with client sessions. + ConnectionBorrowTimeout *int64 `type:"integer"` + + // One or more SQL statements for the proxy to run when opening each new database + // connection. Typically used with SET statements to make sure that each connection + // has identical settings such as time zone and character set. This setting + // is empty by default. For multiple statements, use semicolons as the separator. + // You can also include multiple variables in a single SET statement, such as + // SET x=1, y=2. + InitQuery *string `type:"string"` + + // The maximum size of the connection pool for each target in a target group. + // For Aurora MySQL, it is expressed as a percentage of the max_connections + // setting for the RDS DB instance or Aurora DB cluster used by the target group. + MaxConnectionsPercent *int64 `type:"integer"` + + // Controls how actively the proxy closes idle database connections in the connection + // pool. A high value enables the proxy to leave a high percentage of idle connections + // open. A low value causes the proxy to close idle client connections and return + // the underlying database connections to the connection pool. For Aurora MySQL, + // it is expressed as a percentage of the max_connections setting for the RDS + // DB instance or Aurora DB cluster used by the target group. + MaxIdleConnectionsPercent *int64 `type:"integer"` + + // Each item in the list represents a class of SQL operations that normally + // cause all later statements in a session using a proxy to be pinned to the + // same underlying database connection. Including an item in the list exempts + // that class of SQL operations from the pinning behavior. Currently, the only + // allowed value is EXCLUDE_VARIABLE_SETS. + SessionPinningFilters []*string `type:"list"` +} + +// String returns the string representation +func (s ConnectionPoolConfigurationInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ConnectionPoolConfigurationInfo) GoString() string { + return s.String() +} + +// SetConnectionBorrowTimeout sets the ConnectionBorrowTimeout field's value. +func (s *ConnectionPoolConfigurationInfo) SetConnectionBorrowTimeout(v int64) *ConnectionPoolConfigurationInfo { + s.ConnectionBorrowTimeout = &v + return s +} + +// SetInitQuery sets the InitQuery field's value. +func (s *ConnectionPoolConfigurationInfo) SetInitQuery(v string) *ConnectionPoolConfigurationInfo { + s.InitQuery = &v + return s +} + +// SetMaxConnectionsPercent sets the MaxConnectionsPercent field's value. +func (s *ConnectionPoolConfigurationInfo) SetMaxConnectionsPercent(v int64) *ConnectionPoolConfigurationInfo { + s.MaxConnectionsPercent = &v + return s +} + +// SetMaxIdleConnectionsPercent sets the MaxIdleConnectionsPercent field's value. +func (s *ConnectionPoolConfigurationInfo) SetMaxIdleConnectionsPercent(v int64) *ConnectionPoolConfigurationInfo { + s.MaxIdleConnectionsPercent = &v + return s +} + +// SetSessionPinningFilters sets the SessionPinningFilters field's value. +func (s *ConnectionPoolConfigurationInfo) SetSessionPinningFilters(v []*string) *ConnectionPoolConfigurationInfo { + s.SessionPinningFilters = v + return s +} + type CopyDBClusterParameterGroupInput struct { _ struct{} `type:"structure"` @@ -12886,9 +15405,9 @@ type CopyDBClusterSnapshotInput struct { // DestinationRegion is used for presigning the request to a given region. DestinationRegion *string `type:"string"` - // The AWS AWS KMS key ID for an encrypted DB cluster snapshot. The KMS key - // ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS key - // alias for the KMS encryption key. + // The AWS KMS key ID for an encrypted DB cluster snapshot. The KMS key ID is + // the Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias + // for the KMS encryption key. // // If you copy an encrypted DB cluster snapshot from your AWS account, you can // specify a value for KmsKeyId to encrypt the copy with a new KMS encryption @@ -12911,7 +15430,8 @@ type CopyDBClusterSnapshotInput struct { // The URL that contains a Signature Version 4 signed request for the CopyDBClusterSnapshot // API action in the AWS Region that contains the source DB cluster snapshot // to copy. The PreSignedUrl parameter must be used when copying an encrypted - // DB cluster snapshot from another AWS Region. + // DB cluster snapshot from another AWS Region. Don't specify PreSignedUrl when + // you are copying an encrypted DB cluster snapshot in the same AWS Region. // // The pre-signed URL must be a valid request for the CopyDBSClusterSnapshot // API action that can be executed in the source AWS Region that contains the @@ -12925,7 +15445,7 @@ type CopyDBClusterSnapshotInput struct { // pre-signed URL. // // * DestinationRegion - The name of the AWS Region that the DB cluster snapshot - // will be created in. + // is to be created in. // // * SourceDBClusterSnapshotIdentifier - The DB cluster snapshot identifier // for the encrypted DB cluster snapshot to be copied. This identifier must @@ -12937,10 +15457,14 @@ type CopyDBClusterSnapshotInput struct { // To learn how to generate a Signature Version 4 signed request, see Authenticating // Requests: Using Query Parameters (AWS Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html) // and Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). + // + // If you are using an AWS SDK tool or the AWS CLI, you can specify SourceRegion + // (or --source-region for the AWS CLI) instead of specifying PreSignedUrl manually. + // Specifying SourceRegion autogenerates a pre-signed URL that is a valid request + // for the operation that can be executed in the source AWS Region. PreSignedUrl *string `type:"string"` - // The identifier of the DB cluster snapshot to copy. This parameter is not - // case-sensitive. + // The identifier of the DB cluster snapshot to copy. This parameter isn't case-sensitive. // // You can't copy an encrypted, shared DB cluster snapshot from one AWS Region // to another. @@ -12972,7 +15496,7 @@ type CopyDBClusterSnapshotInput struct { Tags []*Tag `locationNameList:"Tag" type:"list"` // The identifier of the new DB cluster snapshot to create from the source DB - // cluster snapshot. This parameter is not case-sensitive. + // cluster snapshot. This parameter isn't case-sensitive. // // Constraints: // @@ -13257,9 +15781,8 @@ type CopyDBSnapshotInput struct { // to copy. // // You must specify this parameter when you copy an encrypted DB snapshot from - // another AWS Region by using the Amazon RDS API. You can specify the --source-region - // option instead of this parameter when you copy an encrypted DB snapshot from - // another AWS Region by using the AWS CLI. + // another AWS Region by using the Amazon RDS API. Don't specify PreSignedUrl + // when you are copying an encrypted DB snapshot in the same AWS Region. // // The presigned URL must be a valid request for the CopyDBSnapshot API action // that can be executed in the source AWS Region that contains the encrypted @@ -13289,6 +15812,11 @@ type CopyDBSnapshotInput struct { // To learn how to generate a Signature Version 4 signed request, see Authenticating // Requests: Using Query Parameters (AWS Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html) // and Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). + // + // If you are using an AWS SDK tool or the AWS CLI, you can specify SourceRegion + // (or --source-region for the AWS CLI) instead of specifying PreSignedUrl manually. + // Specifying SourceRegion autogenerates a pre-signed URL that is a valid request + // for the operation that can be executed in the source AWS Region. PreSignedUrl *string `type:"string"` // The identifier for the source DB snapshot. @@ -13572,6 +16100,105 @@ func (s *CopyOptionGroupOutput) SetOptionGroup(v *OptionGroup) *CopyOptionGroupO return s } +type CreateCustomAvailabilityZoneInput struct { + _ struct{} `type:"structure"` + + // The name of the custom Availability Zone (AZ). + // + // CustomAvailabilityZoneName is a required field + CustomAvailabilityZoneName *string `type:"string" required:"true"` + + // The ID of an existing virtual private network (VPN) between the Amazon RDS + // website and the VMware vSphere cluster. + ExistingVpnId *string `type:"string"` + + // The name of a new VPN tunnel between the Amazon RDS website and the VMware + // vSphere cluster. + // + // Specify this parameter only if ExistingVpnId isn't specified. + NewVpnTunnelName *string `type:"string"` + + // The IP address of network traffic from your on-premises data center. A custom + // AZ receives the network traffic. + // + // Specify this parameter only if ExistingVpnId isn't specified. + VpnTunnelOriginatorIP *string `type:"string"` +} + +// String returns the string representation +func (s CreateCustomAvailabilityZoneInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateCustomAvailabilityZoneInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateCustomAvailabilityZoneInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateCustomAvailabilityZoneInput"} + if s.CustomAvailabilityZoneName == nil { + invalidParams.Add(request.NewErrParamRequired("CustomAvailabilityZoneName")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCustomAvailabilityZoneName sets the CustomAvailabilityZoneName field's value. +func (s *CreateCustomAvailabilityZoneInput) SetCustomAvailabilityZoneName(v string) *CreateCustomAvailabilityZoneInput { + s.CustomAvailabilityZoneName = &v + return s +} + +// SetExistingVpnId sets the ExistingVpnId field's value. +func (s *CreateCustomAvailabilityZoneInput) SetExistingVpnId(v string) *CreateCustomAvailabilityZoneInput { + s.ExistingVpnId = &v + return s +} + +// SetNewVpnTunnelName sets the NewVpnTunnelName field's value. +func (s *CreateCustomAvailabilityZoneInput) SetNewVpnTunnelName(v string) *CreateCustomAvailabilityZoneInput { + s.NewVpnTunnelName = &v + return s +} + +// SetVpnTunnelOriginatorIP sets the VpnTunnelOriginatorIP field's value. +func (s *CreateCustomAvailabilityZoneInput) SetVpnTunnelOriginatorIP(v string) *CreateCustomAvailabilityZoneInput { + s.VpnTunnelOriginatorIP = &v + return s +} + +type CreateCustomAvailabilityZoneOutput struct { + _ struct{} `type:"structure"` + + // A custom Availability Zone (AZ) is an on-premises AZ that is integrated with + // a VMware vSphere cluster. + // + // For more information about RDS on VMware, see the RDS on VMware User Guide. + // (https://docs.aws.amazon.com/AmazonRDS/latest/RDSonVMwareUserGuide/rds-on-vmware.html) + CustomAvailabilityZone *CustomAvailabilityZone `type:"structure"` +} + +// String returns the string representation +func (s CreateCustomAvailabilityZoneOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateCustomAvailabilityZoneOutput) GoString() string { + return s.String() +} + +// SetCustomAvailabilityZone sets the CustomAvailabilityZone field's value. +func (s *CreateCustomAvailabilityZoneOutput) SetCustomAvailabilityZone(v *CustomAvailabilityZone) *CreateCustomAvailabilityZoneOutput { + s.CustomAvailabilityZone = v + return s +} + type CreateDBClusterEndpointInput struct { _ struct{} `type:"structure"` @@ -13599,6 +16226,9 @@ type CreateDBClusterEndpointInput struct { // List of DB instance identifiers that are part of the custom endpoint group. StaticMembers []*string `type:"list"` + + // The tags to be assigned to the Amazon RDS resource. + Tags []*Tag `locationNameList:"Tag" type:"list"` } // String returns the string representation @@ -13660,6 +16290,12 @@ func (s *CreateDBClusterEndpointInput) SetStaticMembers(v []*string) *CreateDBCl return s } +// SetTags sets the Tags field's value. +func (s *CreateDBClusterEndpointInput) SetTags(v []*Tag) *CreateDBClusterEndpointInput { + s.Tags = v + return s +} + // This data type represents the information you need to connect to an Amazon // Aurora DB cluster. This data type is used as a response element in the following // actions: @@ -13837,7 +16473,8 @@ type CreateDBClusterInput struct { DBClusterIdentifier *string `type:"string" required:"true"` // The name of the DB cluster parameter group to associate with this DB cluster. - // If this argument is omitted, default.aurora5.6 is used. + // If you do not specify a value, then the default DB cluster parameter group + // for the specified DB engine and version is used. // // Constraints: // @@ -13853,8 +16490,8 @@ type CreateDBClusterInput struct { // Example: mySubnetgroup DBSubnetGroupName *string `type:"string"` - // The name for your database of up to 64 alpha-numeric characters. If you do - // not provide a name, Amazon RDS will not create a database in the DB cluster + // The name for your database of up to 64 alphanumeric characters. If you do + // not provide a name, Amazon RDS doesn't create a database in the DB cluster // you are creating. DatabaseName *string `type:"string"` @@ -13900,6 +16537,17 @@ type CreateDBClusterInput struct { // The DB engine mode of the DB cluster, either provisioned, serverless, parallelquery, // global, or multimaster. + // + // Limitations and requirements apply to some DB engine modes. For more information, + // see the following sections in the Amazon Aurora User Guide: + // + // * Limitations of Aurora Serverless (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations) + // + // * Limitations of Parallel Query (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations) + // + // * Requirements for Aurora Global Databases (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations) + // + // * Limitations of Multi-Master Clusters (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations) EngineMode *string `type:"string"` // The version number of the database engine to use. @@ -13939,14 +16587,14 @@ type CreateDBClusterInput struct { // the KMS encryption key used to encrypt the new DB cluster, then you can use // the KMS key alias instead of the ARN for the KMS encryption key. // - // If an encryption key is not specified in KmsKeyId: + // If an encryption key isn't specified in KmsKeyId: // // * If ReplicationSourceIdentifier identifies an encrypted source, then // Amazon RDS will use the encryption key used to encrypt the source. Otherwise, // Amazon RDS will use your default encryption key. // // * If the StorageEncrypted parameter is enabled and ReplicationSourceIdentifier - // is not specified, then Amazon RDS will use your default encryption key. + // isn't specified, then Amazon RDS will use your default encryption key. // // AWS KMS creates the default encryption key for your AWS account. Your AWS // account has a different default encryption key for each AWS Region. @@ -14014,6 +16662,11 @@ type CreateDBClusterInput struct { // To learn how to generate a Signature Version 4 signed request, see Authenticating // Requests: Using Query Parameters (AWS Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html) // and Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). + // + // If you are using an AWS SDK tool or the AWS CLI, you can specify SourceRegion + // (or --source-region for the AWS CLI) instead of specifying PreSignedUrl manually. + // Specifying SourceRegion autogenerates a pre-signed URL that is a valid request + // for the operation that can be executed in the source AWS Region. PreSignedUrl *string `type:"string"` // The daily time range during which automated backups are created if automated @@ -14440,7 +17093,7 @@ type CreateDBClusterSnapshotInput struct { _ struct{} `type:"structure"` // The identifier of the DB cluster to create a snapshot for. This parameter - // is not case-sensitive. + // isn't case-sensitive. // // Constraints: // @@ -14628,6 +17281,13 @@ type CreateDBInstanceInput struct { // Constraint: The AvailabilityZone parameter can't be specified if the DB instance // is a Multi-AZ deployment. The specified Availability Zone must be in the // same AWS Region as the current endpoint. + // + // If you're creating a DB instance in an RDS on VMware environment, specify + // the identifier of the custom Availability Zone to create the DB instance + // in. + // + // For more information about RDS on VMware, see the RDS on VMware User Guide. + // (https://docs.aws.amazon.com/AmazonRDS/latest/RDSonVMwareUserGuide/rds-on-vmware.html) AvailabilityZone *string `type:"string"` // The number of days for which automated backups are retained. Setting this @@ -14699,7 +17359,7 @@ type CreateDBInstanceInput struct { // MySQL // // The name of the database to create when the DB instance is created. If this - // parameter is not specified, no database is created in the DB instance. + // parameter isn't specified, no database is created in the DB instance. // // Constraints: // @@ -14710,7 +17370,7 @@ type CreateDBInstanceInput struct { // MariaDB // // The name of the database to create when the DB instance is created. If this - // parameter is not specified, no database is created in the DB instance. + // parameter isn't specified, no database is created in the DB instance. // // Constraints: // @@ -14721,7 +17381,7 @@ type CreateDBInstanceInput struct { // PostgreSQL // // The name of the database to create when the DB instance is created. If this - // parameter is not specified, the default "postgres" database is created in + // parameter isn't specified, the default "postgres" database is created in // the DB instance. // // Constraints: @@ -14752,7 +17412,7 @@ type CreateDBInstanceInput struct { // Amazon Aurora // // The name of the database to create when the primary instance of the DB cluster - // is created. If this parameter is not specified, no database is created in + // is created. If this parameter isn't specified, no database is created in // the DB instance. // // Constraints: @@ -14763,8 +17423,8 @@ type CreateDBInstanceInput struct { DBName *string `type:"string"` // The name of the DB parameter group to associate with this DB instance. If - // you do not specify a value for DBParameterGroupName, then the default DBParameterGroup - // for the specified DB engine is used. + // you do not specify a value, then the default DB parameter group for the specified + // DB engine and version is used. // // Constraints: // @@ -14789,6 +17449,13 @@ type CreateDBInstanceInput struct { // The database can't be deleted when deletion protection is enabled. By default, // deletion protection is disabled. For more information, see Deleting a DB // Instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html). + // + // Amazon Aurora + // + // Not applicable. You can enable or disable deletion protection for the DB + // cluster. For more information, see CreateDBCluster. DB instances in a DB + // cluster can be deleted even when deletion protection is enabled for the DB + // cluster. DeletionProtection *bool `type:"boolean"` // The Active Directory directory ID to create the DB instance in. Currently, @@ -14936,8 +17603,10 @@ type CreateDBInstanceInput struct { // values, see Amazon RDS Provisioned IOPS Storage to Improve Performance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) // in the Amazon RDS User Guide. // - // Constraints: Must be a multiple between 1 and 50 of the storage amount for - // the DB instance. + // Constraints: For MariaDB, MySQL, Oracle, and PostgreSQL DB instances, must + // be a multiple between .5 and 50 of the storage amount for the DB instance. + // For SQL Server DB instances, must be a multiple between 1 and 50 of the storage + // amount for the DB instance. Iops *int64 `type:"integer"` // The AWS KMS key identifier for an encrypted DB instance. @@ -15089,7 +17758,7 @@ type CreateDBInstanceInput struct { // group. // // Permanent options, such as the TDE option for Oracle Advanced Security TDE, - // can't be removed from an option group, and that option group can't be removed + // can't be removed from an option group. Also, that option group can't be removed // from a DB instance once it is associated with a DB instance OptionGroupName *string `type:"string"` @@ -15212,13 +17881,13 @@ type CreateDBInstanceInput struct { // A value that indicates whether the DB instance is publicly accessible. When // the DB instance is publicly accessible, it is an Internet-facing instance // with a publicly resolvable DNS name, which resolves to a public IP address. - // When the DB instance is not publicly accessible, it is an internal instance + // When the DB instance isn't publicly accessible, it is an internal instance // with a DNS name that resolves to a private IP address. // // Default: The default behavior varies depending on whether DBSubnetGroupName // is specified. // - // If DBSubnetGroupName is not specified, and PubliclyAccessible is not specified, + // If DBSubnetGroupName isn't specified, and PubliclyAccessible isn't specified, // the following applies: // // * If the default VPC in the target region doesn’t have an Internet gateway @@ -15227,7 +17896,7 @@ type CreateDBInstanceInput struct { // * If the default VPC in the target region has an Internet gateway attached // to it, the DB instance is public. // - // If DBSubnetGroupName is specified, and PubliclyAccessible is not specified, + // If DBSubnetGroupName is specified, and PubliclyAccessible isn't specified, // the following applies: // // * If the subnets are part of a VPC that doesn’t have an Internet gateway @@ -15238,7 +17907,7 @@ type CreateDBInstanceInput struct { PubliclyAccessible *bool `type:"boolean"` // A value that indicates whether the DB instance is encrypted. By default, - // it is not encrypted. + // it isn't encrypted. // // Amazon Aurora // @@ -15653,6 +18322,9 @@ type CreateDBInstanceReadReplicaInput struct { // or the default DBParameterGroup for the specified DB engine for a cross region // Read Replica. // + // Currently, specifying a parameter group for this operation is only supported + // for Oracle DB instances. + // // Constraints: // // * Must be 1 to 255 letters, numbers, or hyphens. @@ -15664,7 +18336,7 @@ type CreateDBInstanceReadReplicaInput struct { // Specifies a DB subnet group for the DB instance. The new DB instance is created // in the VPC associated with the DB subnet group. If no DB subnet group is - // specified, then the new DB instance is not created in a VPC. + // specified, then the new DB instance isn't created in a VPC. // // Constraints: // @@ -15804,9 +18476,8 @@ type CreateDBInstanceReadReplicaInput struct { // API action in the source AWS Region that contains the source DB instance. // // You must specify this parameter when you create an encrypted Read Replica - // from another AWS Region by using the Amazon RDS API. You can specify the - // --source-region option instead of this parameter when you create an encrypted - // Read Replica from another AWS Region by using the AWS CLI. + // from another AWS Region by using the Amazon RDS API. Don't specify PreSignedUrl + // when you are creating an encrypted Read Replica in the same AWS Region. // // The presigned URL must be a valid request for the CreateDBInstanceReadReplica // API action that can be executed in the source AWS Region that contains the @@ -15838,6 +18509,11 @@ type CreateDBInstanceReadReplicaInput struct { // To learn how to generate a Signature Version 4 signed request, see Authenticating // Requests: Using Query Parameters (AWS Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html) // and Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). + // + // If you are using an AWS SDK tool or the AWS CLI, you can specify SourceRegion + // (or --source-region for the AWS CLI) instead of specifying PreSignedUrl manually. + // Specifying SourceRegion autogenerates a pre-signed URL that is a valid request + // for the operation that can be executed in the source AWS Region. PreSignedUrl *string `type:"string"` // The number of CPU cores and the number of threads per core for the DB instance @@ -15847,7 +18523,7 @@ type CreateDBInstanceReadReplicaInput struct { // A value that indicates whether the DB instance is publicly accessible. When // the DB instance is publicly accessible, it is an Internet-facing instance // with a publicly resolvable DNS name, which resolves to a public IP address. - // When the DB instance is not publicly accessible, it is an internal instance + // When the DB instance isn't publicly accessible, it is an internal instance // with a DNS name that resolves to a private IP address. For more information, // see CreateDBInstance. PubliclyAccessible *bool `type:"boolean"` @@ -16277,6 +18953,186 @@ func (s *CreateDBParameterGroupOutput) SetDBParameterGroup(v *DBParameterGroup) return s } +type CreateDBProxyInput struct { + _ struct{} `type:"structure"` + + // The authorization mechanism that the proxy uses. + // + // Auth is a required field + Auth []*UserAuthConfig `type:"list" required:"true"` + + // The identifier for the proxy. This name must be unique for all proxies owned + // by your AWS account in the specified AWS Region. An identifier must begin + // with a letter and must contain only ASCII letters, digits, and hyphens; it + // can't end with a hyphen or contain two consecutive hyphens. + // + // DBProxyName is a required field + DBProxyName *string `type:"string" required:"true"` + + // Whether the proxy includes detailed information about SQL statements in its + // logs. This information helps you to debug issues involving SQL behavior or + // the performance and scalability of the proxy connections. The debug information + // includes the text of SQL statements that you submit through the proxy. Thus, + // only enable this setting when needed for debugging, and only when you have + // security measures in place to safeguard any sensitive information that appears + // in the logs. + DebugLogging *bool `type:"boolean"` + + // The kinds of databases that the proxy can connect to. This value determines + // which database network protocol the proxy recognizes when it interprets network + // traffic to and from the database. Currently, this value is always MYSQL. + // The engine family applies to both RDS MySQL and Aurora MySQL. + // + // EngineFamily is a required field + EngineFamily *string `type:"string" required:"true" enum:"EngineFamily"` + + // The number of seconds that a connection to the proxy can be inactive before + // the proxy disconnects it. You can set this value higher or lower than the + // connection timeout limit for the associated database. + IdleClientTimeout *int64 `type:"integer"` + + // A Boolean parameter that specifies whether Transport Layer Security (TLS) + // encryption is required for connections to the proxy. By enabling this setting, + // you can enforce encrypted TLS connections to the proxy. + RequireTLS *bool `type:"boolean"` + + // The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access + // secrets in AWS Secrets Manager. + // + // RoleArn is a required field + RoleArn *string `type:"string" required:"true"` + + // An optional set of key-value pairs to associate arbitrary data of your choosing + // with the proxy. + Tags []*Tag `locationNameList:"Tag" type:"list"` + + // One or more VPC security group IDs to associate with the new proxy. + VpcSecurityGroupIds []*string `type:"list"` + + // One or more VPC subnet IDs to associate with the new proxy. + // + // VpcSubnetIds is a required field + VpcSubnetIds []*string `type:"list" required:"true"` +} + +// String returns the string representation +func (s CreateDBProxyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateDBProxyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateDBProxyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateDBProxyInput"} + if s.Auth == nil { + invalidParams.Add(request.NewErrParamRequired("Auth")) + } + if s.DBProxyName == nil { + invalidParams.Add(request.NewErrParamRequired("DBProxyName")) + } + if s.EngineFamily == nil { + invalidParams.Add(request.NewErrParamRequired("EngineFamily")) + } + if s.RoleArn == nil { + invalidParams.Add(request.NewErrParamRequired("RoleArn")) + } + if s.VpcSubnetIds == nil { + invalidParams.Add(request.NewErrParamRequired("VpcSubnetIds")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAuth sets the Auth field's value. +func (s *CreateDBProxyInput) SetAuth(v []*UserAuthConfig) *CreateDBProxyInput { + s.Auth = v + return s +} + +// SetDBProxyName sets the DBProxyName field's value. +func (s *CreateDBProxyInput) SetDBProxyName(v string) *CreateDBProxyInput { + s.DBProxyName = &v + return s +} + +// SetDebugLogging sets the DebugLogging field's value. +func (s *CreateDBProxyInput) SetDebugLogging(v bool) *CreateDBProxyInput { + s.DebugLogging = &v + return s +} + +// SetEngineFamily sets the EngineFamily field's value. +func (s *CreateDBProxyInput) SetEngineFamily(v string) *CreateDBProxyInput { + s.EngineFamily = &v + return s +} + +// SetIdleClientTimeout sets the IdleClientTimeout field's value. +func (s *CreateDBProxyInput) SetIdleClientTimeout(v int64) *CreateDBProxyInput { + s.IdleClientTimeout = &v + return s +} + +// SetRequireTLS sets the RequireTLS field's value. +func (s *CreateDBProxyInput) SetRequireTLS(v bool) *CreateDBProxyInput { + s.RequireTLS = &v + return s +} + +// SetRoleArn sets the RoleArn field's value. +func (s *CreateDBProxyInput) SetRoleArn(v string) *CreateDBProxyInput { + s.RoleArn = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateDBProxyInput) SetTags(v []*Tag) *CreateDBProxyInput { + s.Tags = v + return s +} + +// SetVpcSecurityGroupIds sets the VpcSecurityGroupIds field's value. +func (s *CreateDBProxyInput) SetVpcSecurityGroupIds(v []*string) *CreateDBProxyInput { + s.VpcSecurityGroupIds = v + return s +} + +// SetVpcSubnetIds sets the VpcSubnetIds field's value. +func (s *CreateDBProxyInput) SetVpcSubnetIds(v []*string) *CreateDBProxyInput { + s.VpcSubnetIds = v + return s +} + +type CreateDBProxyOutput struct { + _ struct{} `type:"structure"` + + // The DBProxy structure corresponding to the new proxy. + DBProxy *DBProxy `type:"structure"` +} + +// String returns the string representation +func (s CreateDBProxyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateDBProxyOutput) GoString() string { + return s.String() +} + +// SetDBProxy sets the DBProxy field's value. +func (s *CreateDBProxyOutput) SetDBProxy(v *DBProxy) *CreateDBProxyOutput { + s.DBProxy = v + return s +} + type CreateDBSecurityGroupInput struct { _ struct{} `type:"structure"` @@ -16589,7 +19445,7 @@ type CreateEventSubscriptionInput struct { _ struct{} `type:"structure"` // A value that indicates whether to activate the subscription. If the event - // notification subscription is not activated, the subscription is created but + // notification subscription isn't activated, the subscription is created but // not active. Enabled *bool `type:"boolean"` @@ -16610,7 +19466,7 @@ type CreateEventSubscriptionInput struct { // The list of identifiers of the event sources for which events are returned. // If not specified, then all sources are included in the response. An identifier // must begin with a letter and must contain only ASCII letters, digits, and - // hyphens; it can't end with a hyphen or contain two consecutive hyphens. + // hyphens. It can't end with a hyphen or contain two consecutive hyphens. // // Constraints: // @@ -16631,7 +19487,7 @@ type CreateEventSubscriptionInput struct { // The type of source that is generating the events. For example, if you want // to be notified of events generated by a DB instance, you would set this parameter - // to db-instance. if this value is not specified, all events are returned. + // to db-instance. if this value isn't specified, all events are returned. // // Valid values: db-instance | db-cluster | db-parameter-group | db-security-group // | db-snapshot | db-cluster-snapshot @@ -16968,6 +19824,64 @@ func (s *CreateOptionGroupOutput) SetOptionGroup(v *OptionGroup) *CreateOptionGr return s } +// A custom Availability Zone (AZ) is an on-premises AZ that is integrated with +// a VMware vSphere cluster. +// +// For more information about RDS on VMware, see the RDS on VMware User Guide. +// (https://docs.aws.amazon.com/AmazonRDS/latest/RDSonVMwareUserGuide/rds-on-vmware.html) +type CustomAvailabilityZone struct { + _ struct{} `type:"structure"` + + // The identifier of the custom AZ. + // + // Amazon RDS generates a unique identifier when a custom AZ is created. + CustomAvailabilityZoneId *string `type:"string"` + + // The name of the custom AZ. + CustomAvailabilityZoneName *string `type:"string"` + + // The status of the custom AZ. + CustomAvailabilityZoneStatus *string `type:"string"` + + // Information about the virtual private network (VPN) between the VMware vSphere + // cluster and the AWS website. + VpnDetails *VpnDetails `type:"structure"` +} + +// String returns the string representation +func (s CustomAvailabilityZone) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CustomAvailabilityZone) GoString() string { + return s.String() +} + +// SetCustomAvailabilityZoneId sets the CustomAvailabilityZoneId field's value. +func (s *CustomAvailabilityZone) SetCustomAvailabilityZoneId(v string) *CustomAvailabilityZone { + s.CustomAvailabilityZoneId = &v + return s +} + +// SetCustomAvailabilityZoneName sets the CustomAvailabilityZoneName field's value. +func (s *CustomAvailabilityZone) SetCustomAvailabilityZoneName(v string) *CustomAvailabilityZone { + s.CustomAvailabilityZoneName = &v + return s +} + +// SetCustomAvailabilityZoneStatus sets the CustomAvailabilityZoneStatus field's value. +func (s *CustomAvailabilityZone) SetCustomAvailabilityZoneStatus(v string) *CustomAvailabilityZone { + s.CustomAvailabilityZoneStatus = &v + return s +} + +// SetVpnDetails sets the VpnDetails field's value. +func (s *CustomAvailabilityZone) SetVpnDetails(v *VpnDetails) *CustomAvailabilityZone { + s.VpnDetails = v + return s +} + // Contains the details of an Amazon Aurora DB cluster. // // This data type is used as a response element in the DescribeDBClusters, StopDBCluster, @@ -16993,7 +19907,7 @@ type DBCluster struct { // For all database engines except Amazon Aurora, AllocatedStorage specifies // the allocated storage size in gibibytes (GiB). For Aurora, AllocatedStorage - // always returns 1, because Aurora DB cluster storage size is not fixed, but + // always returns 1, because Aurora DB cluster storage size isn't fixed, but // instead automatically adjusts as needed. AllocatedStorage *int64 `type:"integer"` @@ -18173,7 +21087,7 @@ type DBEngineVersion struct { DBParameterGroupFamily *string `type:"string"` // The default character set for new instances of this engine version, if the - // CharacterSetName parameter of the CreateDBInstance API is not specified. + // CharacterSetName parameter of the CreateDBInstance API isn't specified. DefaultCharacterSet *CharacterSet `type:"structure"` // The name of the database engine. @@ -18556,7 +21470,7 @@ type DBInstance struct { // instance with multi-AZ support. SecondaryAvailabilityZone *string `type:"string"` - // The status of a Read Replica. If the instance is not a Read Replica, this + // The status of a Read Replica. If the instance isn't a Read Replica, this // is blank. StatusInfos []*DBInstanceStatusInfo `locationNameList:"DBInstanceStatusInfo" type:"list"` @@ -19244,7 +22158,7 @@ type DBInstanceStatusInfo struct { _ struct{} `type:"structure"` // Details of the error if there is an error for the instance. If the instance - // is not in an error state, this value is blank. + // isn't in an error state, this value is blank. Message *string `type:"string"` // Boolean value that is true if the instance is operating normally, or false @@ -19421,6 +22335,359 @@ func (s *DBParameterGroupStatus) SetParameterApplyStatus(v string) *DBParameterG return s } +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// The data structure representing a proxy managed by the RDS Proxy. +// +// This data type is used as a response element in the DescribeDBProxies action. +type DBProxy struct { + _ struct{} `type:"structure"` + + // One or more data structures specifying the authorization mechanism to connect + // to the associated RDS DB instance or Aurora DB cluster. + Auth []*UserAuthConfigInfo `type:"list"` + + // The date and time when the proxy was first created. + CreatedDate *time.Time `type:"timestamp"` + + // The Amazon Resource Name (ARN) for the proxy. + DBProxyArn *string `type:"string"` + + // The identifier for the proxy. This name must be unique for all proxies owned + // by your AWS account in the specified AWS Region. + DBProxyName *string `type:"string"` + + // Whether the proxy includes detailed information about SQL statements in its + // logs. This information helps you to debug issues involving SQL behavior or + // the performance and scalability of the proxy connections. The debug information + // includes the text of SQL statements that you submit through the proxy. Thus, + // only enable this setting when needed for debugging, and only when you have + // security measures in place to safeguard any sensitive information that appears + // in the logs. + DebugLogging *bool `type:"boolean"` + + // The endpoint that you can use to connect to the proxy. You include the endpoint + // value in the connection string for a database client application. + Endpoint *string `type:"string"` + + // Currently, this value is always MYSQL. The engine family applies to both + // RDS MySQL and Aurora MySQL. + EngineFamily *string `type:"string"` + + // The number of seconds a connection to the proxy can have no activity before + // the proxy drops the client connection. The proxy keeps the underlying database + // connection open and puts it back into the connection pool for reuse by later + // connection requests. + // + // Default: 1800 (30 minutes) + // + // Constraints: 1 to 28,800 + IdleClientTimeout *int64 `type:"integer"` + + // Indicates whether Transport Layer Security (TLS) encryption is required for + // connections to the proxy. + RequireTLS *bool `type:"boolean"` + + // The Amazon Resource Name (ARN) for the IAM role that the proxy uses to access + // Amazon Secrets Manager. + RoleArn *string `type:"string"` + + // The current status of this proxy. A status of available means the proxy is + // ready to handle requests. Other values indicate that you must wait for the + // proxy to be ready, or take some action to resolve an issue. + Status *string `type:"string" enum:"DBProxyStatus"` + + // The date and time when the proxy was last updated. + UpdatedDate *time.Time `type:"timestamp"` + + // Provides a list of VPC security groups that the proxy belongs to. + VpcSecurityGroupIds []*string `type:"list"` + + // The EC2 subnet IDs for the proxy. + VpcSubnetIds []*string `type:"list"` +} + +// String returns the string representation +func (s DBProxy) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DBProxy) GoString() string { + return s.String() +} + +// SetAuth sets the Auth field's value. +func (s *DBProxy) SetAuth(v []*UserAuthConfigInfo) *DBProxy { + s.Auth = v + return s +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *DBProxy) SetCreatedDate(v time.Time) *DBProxy { + s.CreatedDate = &v + return s +} + +// SetDBProxyArn sets the DBProxyArn field's value. +func (s *DBProxy) SetDBProxyArn(v string) *DBProxy { + s.DBProxyArn = &v + return s +} + +// SetDBProxyName sets the DBProxyName field's value. +func (s *DBProxy) SetDBProxyName(v string) *DBProxy { + s.DBProxyName = &v + return s +} + +// SetDebugLogging sets the DebugLogging field's value. +func (s *DBProxy) SetDebugLogging(v bool) *DBProxy { + s.DebugLogging = &v + return s +} + +// SetEndpoint sets the Endpoint field's value. +func (s *DBProxy) SetEndpoint(v string) *DBProxy { + s.Endpoint = &v + return s +} + +// SetEngineFamily sets the EngineFamily field's value. +func (s *DBProxy) SetEngineFamily(v string) *DBProxy { + s.EngineFamily = &v + return s +} + +// SetIdleClientTimeout sets the IdleClientTimeout field's value. +func (s *DBProxy) SetIdleClientTimeout(v int64) *DBProxy { + s.IdleClientTimeout = &v + return s +} + +// SetRequireTLS sets the RequireTLS field's value. +func (s *DBProxy) SetRequireTLS(v bool) *DBProxy { + s.RequireTLS = &v + return s +} + +// SetRoleArn sets the RoleArn field's value. +func (s *DBProxy) SetRoleArn(v string) *DBProxy { + s.RoleArn = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *DBProxy) SetStatus(v string) *DBProxy { + s.Status = &v + return s +} + +// SetUpdatedDate sets the UpdatedDate field's value. +func (s *DBProxy) SetUpdatedDate(v time.Time) *DBProxy { + s.UpdatedDate = &v + return s +} + +// SetVpcSecurityGroupIds sets the VpcSecurityGroupIds field's value. +func (s *DBProxy) SetVpcSecurityGroupIds(v []*string) *DBProxy { + s.VpcSecurityGroupIds = v + return s +} + +// SetVpcSubnetIds sets the VpcSubnetIds field's value. +func (s *DBProxy) SetVpcSubnetIds(v []*string) *DBProxy { + s.VpcSubnetIds = v + return s +} + +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Contains the details for an RDS Proxy target. It represents an RDS DB instance +// or Aurora DB cluster that the proxy can connect to. One or more targets are +// associated with an RDS Proxy target group. +// +// This data type is used as a response element in the DescribeDBProxyTargets +// action. +type DBProxyTarget struct { + _ struct{} `type:"structure"` + + // The writer endpoint for the RDS DB instance or Aurora DB cluster. + Endpoint *string `type:"string"` + + // The port that the RDS Proxy uses to connect to the target RDS DB instance + // or Aurora DB cluster. + Port *int64 `type:"integer"` + + // The identifier representing the target. It can be the instance identifier + // for an RDS DB instance, or the cluster identifier for an Aurora DB cluster. + RdsResourceId *string `type:"string"` + + // The Amazon Resource Name (ARN) for the RDS DB instance or Aurora DB cluster. + TargetArn *string `type:"string"` + + // The DB cluster identifier when the target represents an Aurora DB cluster. + // This field is blank when the target represents an RDS DB instance. + TrackedClusterId *string `type:"string"` + + // Specifies the kind of database, such as an RDS DB instance or an Aurora DB + // cluster, that the target represents. + Type *string `type:"string" enum:"TargetType"` +} + +// String returns the string representation +func (s DBProxyTarget) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DBProxyTarget) GoString() string { + return s.String() +} + +// SetEndpoint sets the Endpoint field's value. +func (s *DBProxyTarget) SetEndpoint(v string) *DBProxyTarget { + s.Endpoint = &v + return s +} + +// SetPort sets the Port field's value. +func (s *DBProxyTarget) SetPort(v int64) *DBProxyTarget { + s.Port = &v + return s +} + +// SetRdsResourceId sets the RdsResourceId field's value. +func (s *DBProxyTarget) SetRdsResourceId(v string) *DBProxyTarget { + s.RdsResourceId = &v + return s +} + +// SetTargetArn sets the TargetArn field's value. +func (s *DBProxyTarget) SetTargetArn(v string) *DBProxyTarget { + s.TargetArn = &v + return s +} + +// SetTrackedClusterId sets the TrackedClusterId field's value. +func (s *DBProxyTarget) SetTrackedClusterId(v string) *DBProxyTarget { + s.TrackedClusterId = &v + return s +} + +// SetType sets the Type field's value. +func (s *DBProxyTarget) SetType(v string) *DBProxyTarget { + s.Type = &v + return s +} + +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Represents a set of RDS DB instances, Aurora DB clusters, or both that a +// proxy can connect to. Currently, each target group is associated with exactly +// one RDS DB instance or Aurora DB cluster. +// +// This data type is used as a response element in the DescribeDBProxyTargetGroups +// action. +type DBProxyTargetGroup struct { + _ struct{} `type:"structure"` + + // The settings that determine the size and behavior of the connection pool + // for the target group. + ConnectionPoolConfig *ConnectionPoolConfigurationInfo `type:"structure"` + + // The date and time when the target group was first created. + CreatedDate *time.Time `type:"timestamp"` + + // The identifier for the RDS proxy associated with this target group. + DBProxyName *string `type:"string"` + + // Whether this target group is the first one used for connection requests by + // the associated proxy. Because each proxy is currently associated with a single + // target group, currently this setting is always true. + IsDefault *bool `type:"boolean"` + + // The current status of this target group. A status of available means the + // target group is correctly associated with a database. Other values indicate + // that you must wait for the target group to be ready, or take some action + // to resolve an issue. + Status *string `type:"string"` + + // The Amazon Resource Name (ARN) representing the target group. + TargetGroupArn *string `type:"string"` + + // The identifier for the target group. This name must be unique for all target + // groups owned by your AWS account in the specified AWS Region. + TargetGroupName *string `type:"string"` + + // The date and time when the target group was last updated. + UpdatedDate *time.Time `type:"timestamp"` +} + +// String returns the string representation +func (s DBProxyTargetGroup) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DBProxyTargetGroup) GoString() string { + return s.String() +} + +// SetConnectionPoolConfig sets the ConnectionPoolConfig field's value. +func (s *DBProxyTargetGroup) SetConnectionPoolConfig(v *ConnectionPoolConfigurationInfo) *DBProxyTargetGroup { + s.ConnectionPoolConfig = v + return s +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *DBProxyTargetGroup) SetCreatedDate(v time.Time) *DBProxyTargetGroup { + s.CreatedDate = &v + return s +} + +// SetDBProxyName sets the DBProxyName field's value. +func (s *DBProxyTargetGroup) SetDBProxyName(v string) *DBProxyTargetGroup { + s.DBProxyName = &v + return s +} + +// SetIsDefault sets the IsDefault field's value. +func (s *DBProxyTargetGroup) SetIsDefault(v bool) *DBProxyTargetGroup { + s.IsDefault = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *DBProxyTargetGroup) SetStatus(v string) *DBProxyTargetGroup { + s.Status = &v + return s +} + +// SetTargetGroupArn sets the TargetGroupArn field's value. +func (s *DBProxyTargetGroup) SetTargetGroupArn(v string) *DBProxyTargetGroup { + s.TargetGroupArn = &v + return s +} + +// SetTargetGroupName sets the TargetGroupName field's value. +func (s *DBProxyTargetGroup) SetTargetGroupName(v string) *DBProxyTargetGroup { + s.TargetGroupName = &v + return s +} + +// SetUpdatedDate sets the UpdatedDate field's value. +func (s *DBProxyTargetGroup) SetUpdatedDate(v time.Time) *DBProxyTargetGroup { + s.UpdatedDate = &v + return s +} + // Contains the details for an Amazon RDS DB security group. // // This data type is used as a response element in the DescribeDBSecurityGroups @@ -19980,6 +23247,71 @@ func (s *DBSubnetGroup) SetVpcId(v string) *DBSubnetGroup { return s } +type DeleteCustomAvailabilityZoneInput struct { + _ struct{} `type:"structure"` + + // The custom AZ identifier. + // + // CustomAvailabilityZoneId is a required field + CustomAvailabilityZoneId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteCustomAvailabilityZoneInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteCustomAvailabilityZoneInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteCustomAvailabilityZoneInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteCustomAvailabilityZoneInput"} + if s.CustomAvailabilityZoneId == nil { + invalidParams.Add(request.NewErrParamRequired("CustomAvailabilityZoneId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCustomAvailabilityZoneId sets the CustomAvailabilityZoneId field's value. +func (s *DeleteCustomAvailabilityZoneInput) SetCustomAvailabilityZoneId(v string) *DeleteCustomAvailabilityZoneInput { + s.CustomAvailabilityZoneId = &v + return s +} + +type DeleteCustomAvailabilityZoneOutput struct { + _ struct{} `type:"structure"` + + // A custom Availability Zone (AZ) is an on-premises AZ that is integrated with + // a VMware vSphere cluster. + // + // For more information about RDS on VMware, see the RDS on VMware User Guide. + // (https://docs.aws.amazon.com/AmazonRDS/latest/RDSonVMwareUserGuide/rds-on-vmware.html) + CustomAvailabilityZone *CustomAvailabilityZone `type:"structure"` +} + +// String returns the string representation +func (s DeleteCustomAvailabilityZoneOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteCustomAvailabilityZoneOutput) GoString() string { + return s.String() +} + +// SetCustomAvailabilityZone sets the CustomAvailabilityZone field's value. +func (s *DeleteCustomAvailabilityZoneOutput) SetCustomAvailabilityZone(v *CustomAvailabilityZone) *DeleteCustomAvailabilityZoneOutput { + s.CustomAvailabilityZone = v + return s +} + type DeleteDBClusterEndpointInput struct { _ struct{} `type:"structure"` @@ -20173,9 +23505,9 @@ type DeleteDBClusterInput struct { // A value that indicates whether to skip the creation of a final DB cluster // snapshot before the DB cluster is deleted. If skip is specified, no DB cluster - // snapshot is created. If skip is not specified, a DB cluster snapshot is created - // before the DB cluster is deleted. By default, skip is not specified, and - // the DB cluster snapshot is created. By default, this parameter is disabled. + // snapshot is created. If skip isn't specified, a DB cluster snapshot is created + // before the DB cluster is deleted. By default, skip isn't specified, and the + // DB cluster snapshot is created. By default, this parameter is disabled. // // You must specify a FinalDBSnapshotIdentifier parameter if SkipFinalSnapshot // is disabled. @@ -20478,18 +23810,16 @@ type DeleteDBInstanceInput struct { // A value that indicates whether to skip the creation of a final DB snapshot // before the DB instance is deleted. If skip is specified, no DB snapshot is - // created. If skip is not specified, a DB snapshot is created before the DB - // instance is deleted. By default, skip is not specified, and the DB snapshot + // created. If skip isn't specified, a DB snapshot is created before the DB + // instance is deleted. By default, skip isn't specified, and the DB snapshot // is created. // - // Note that when a DB instance is in a failure state and has a status of 'failed', - // 'incompatible-restore', or 'incompatible-network', it can only be deleted - // when skip is specified. + // When a DB instance is in a failure state and has a status of 'failed', 'incompatible-restore', + // or 'incompatible-network', it can only be deleted when skip is specified. // // Specify skip when deleting a Read Replica. // - // The FinalDBSnapshotIdentifier parameter must be specified if skip is not - // specified. + // The FinalDBSnapshotIdentifier parameter must be specified if skip isn't specified. SkipFinalSnapshot *bool `type:"boolean"` } @@ -20625,6 +23955,67 @@ func (s DeleteDBParameterGroupOutput) GoString() string { return s.String() } +type DeleteDBProxyInput struct { + _ struct{} `type:"structure"` + + // The name of the DB proxy to delete. + // + // DBProxyName is a required field + DBProxyName *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteDBProxyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteDBProxyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteDBProxyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteDBProxyInput"} + if s.DBProxyName == nil { + invalidParams.Add(request.NewErrParamRequired("DBProxyName")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDBProxyName sets the DBProxyName field's value. +func (s *DeleteDBProxyInput) SetDBProxyName(v string) *DeleteDBProxyInput { + s.DBProxyName = &v + return s +} + +type DeleteDBProxyOutput struct { + _ struct{} `type:"structure"` + + // The data structure representing the details of the DB proxy that you delete. + DBProxy *DBProxy `type:"structure"` +} + +// String returns the string representation +func (s DeleteDBProxyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteDBProxyOutput) GoString() string { + return s.String() +} + +// SetDBProxy sets the DBProxy field's value. +func (s *DeleteDBProxyOutput) SetDBProxy(v *DBProxy) *DeleteDBProxyOutput { + s.DBProxy = v + return s +} + type DeleteDBSecurityGroupInput struct { _ struct{} `type:"structure"` @@ -20939,6 +24330,133 @@ func (s *DeleteGlobalClusterOutput) SetGlobalCluster(v *GlobalCluster) *DeleteGl return s } +type DeleteInstallationMediaInput struct { + _ struct{} `type:"structure"` + + // The installation medium ID. + // + // InstallationMediaId is a required field + InstallationMediaId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteInstallationMediaInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteInstallationMediaInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteInstallationMediaInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteInstallationMediaInput"} + if s.InstallationMediaId == nil { + invalidParams.Add(request.NewErrParamRequired("InstallationMediaId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetInstallationMediaId sets the InstallationMediaId field's value. +func (s *DeleteInstallationMediaInput) SetInstallationMediaId(v string) *DeleteInstallationMediaInput { + s.InstallationMediaId = &v + return s +} + +// Contains the installation media for a DB engine that requires an on-premises +// customer provided license, such as Microsoft SQL Server. +type DeleteInstallationMediaOutput struct { + _ struct{} `type:"structure"` + + // The custom Availability Zone (AZ) that contains the installation media. + CustomAvailabilityZoneId *string `type:"string"` + + // The DB engine. + Engine *string `type:"string"` + + // The path to the installation medium for the DB engine. + EngineInstallationMediaPath *string `type:"string"` + + // The engine version of the DB engine. + EngineVersion *string `type:"string"` + + // If an installation media failure occurred, the cause of the failure. + FailureCause *InstallationMediaFailureCause `type:"structure"` + + // The installation medium ID. + InstallationMediaId *string `type:"string"` + + // The path to the installation medium for the operating system associated with + // the DB engine. + OSInstallationMediaPath *string `type:"string"` + + // The status of the installation medium. + Status *string `type:"string"` +} + +// String returns the string representation +func (s DeleteInstallationMediaOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteInstallationMediaOutput) GoString() string { + return s.String() +} + +// SetCustomAvailabilityZoneId sets the CustomAvailabilityZoneId field's value. +func (s *DeleteInstallationMediaOutput) SetCustomAvailabilityZoneId(v string) *DeleteInstallationMediaOutput { + s.CustomAvailabilityZoneId = &v + return s +} + +// SetEngine sets the Engine field's value. +func (s *DeleteInstallationMediaOutput) SetEngine(v string) *DeleteInstallationMediaOutput { + s.Engine = &v + return s +} + +// SetEngineInstallationMediaPath sets the EngineInstallationMediaPath field's value. +func (s *DeleteInstallationMediaOutput) SetEngineInstallationMediaPath(v string) *DeleteInstallationMediaOutput { + s.EngineInstallationMediaPath = &v + return s +} + +// SetEngineVersion sets the EngineVersion field's value. +func (s *DeleteInstallationMediaOutput) SetEngineVersion(v string) *DeleteInstallationMediaOutput { + s.EngineVersion = &v + return s +} + +// SetFailureCause sets the FailureCause field's value. +func (s *DeleteInstallationMediaOutput) SetFailureCause(v *InstallationMediaFailureCause) *DeleteInstallationMediaOutput { + s.FailureCause = v + return s +} + +// SetInstallationMediaId sets the InstallationMediaId field's value. +func (s *DeleteInstallationMediaOutput) SetInstallationMediaId(v string) *DeleteInstallationMediaOutput { + s.InstallationMediaId = &v + return s +} + +// SetOSInstallationMediaPath sets the OSInstallationMediaPath field's value. +func (s *DeleteInstallationMediaOutput) SetOSInstallationMediaPath(v string) *DeleteInstallationMediaOutput { + s.OSInstallationMediaPath = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *DeleteInstallationMediaOutput) SetStatus(v string) *DeleteInstallationMediaOutput { + s.Status = &v + return s +} + type DeleteOptionGroupInput struct { _ struct{} `type:"structure"` @@ -20993,6 +24511,85 @@ func (s DeleteOptionGroupOutput) GoString() string { return s.String() } +type DeregisterDBProxyTargetsInput struct { + _ struct{} `type:"structure"` + + // One or more DB cluster identifiers. + DBClusterIdentifiers []*string `type:"list"` + + // One or more DB instance identifiers. + DBInstanceIdentifiers []*string `type:"list"` + + // The identifier of the DBProxy that is associated with the DBProxyTargetGroup. + // + // DBProxyName is a required field + DBProxyName *string `type:"string" required:"true"` + + // The identifier of the DBProxyTargetGroup. + TargetGroupName *string `type:"string"` +} + +// String returns the string representation +func (s DeregisterDBProxyTargetsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeregisterDBProxyTargetsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeregisterDBProxyTargetsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeregisterDBProxyTargetsInput"} + if s.DBProxyName == nil { + invalidParams.Add(request.NewErrParamRequired("DBProxyName")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDBClusterIdentifiers sets the DBClusterIdentifiers field's value. +func (s *DeregisterDBProxyTargetsInput) SetDBClusterIdentifiers(v []*string) *DeregisterDBProxyTargetsInput { + s.DBClusterIdentifiers = v + return s +} + +// SetDBInstanceIdentifiers sets the DBInstanceIdentifiers field's value. +func (s *DeregisterDBProxyTargetsInput) SetDBInstanceIdentifiers(v []*string) *DeregisterDBProxyTargetsInput { + s.DBInstanceIdentifiers = v + return s +} + +// SetDBProxyName sets the DBProxyName field's value. +func (s *DeregisterDBProxyTargetsInput) SetDBProxyName(v string) *DeregisterDBProxyTargetsInput { + s.DBProxyName = &v + return s +} + +// SetTargetGroupName sets the TargetGroupName field's value. +func (s *DeregisterDBProxyTargetsInput) SetTargetGroupName(v string) *DeregisterDBProxyTargetsInput { + s.TargetGroupName = &v + return s +} + +type DeregisterDBProxyTargetsOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s DeregisterDBProxyTargetsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeregisterDBProxyTargetsOutput) GoString() string { + return s.String() +} + type DescribeAccountAttributesInput struct { _ struct{} `type:"structure"` } @@ -21044,7 +24641,7 @@ type DescribeCertificatesInput struct { // * Must match an existing CertificateIdentifier. CertificateIdentifier *string `type:"string"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous DescribeCertificates @@ -21054,7 +24651,7 @@ type DescribeCertificatesInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so you can retrieve the remaining results. // // Default: 100 // @@ -21151,6 +24748,119 @@ func (s *DescribeCertificatesOutput) SetMarker(v string) *DescribeCertificatesOu return s } +type DescribeCustomAvailabilityZonesInput struct { + _ struct{} `type:"structure"` + + // The custom AZ identifier. If this parameter is specified, information from + // only the specific custom AZ is returned. + CustomAvailabilityZoneId *string `type:"string"` + + // A filter that specifies one or more custom AZs to describe. + Filters []*Filter `locationNameList:"Filter" type:"list"` + + // An optional pagination token provided by a previous DescribeCustomAvailabilityZones + // request. If this parameter is specified, the response includes only records + // beyond the marker, up to the value specified by MaxRecords. + Marker *string `type:"string"` + + // The maximum number of records to include in the response. If more records + // exist than the specified MaxRecords value, a pagination token called a marker + // is included in the response so you can retrieve the remaining results. + // + // Default: 100 + // + // Constraints: Minimum 20, maximum 100. + MaxRecords *int64 `type:"integer"` +} + +// String returns the string representation +func (s DescribeCustomAvailabilityZonesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeCustomAvailabilityZonesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeCustomAvailabilityZonesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeCustomAvailabilityZonesInput"} + if s.Filters != nil { + for i, v := range s.Filters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCustomAvailabilityZoneId sets the CustomAvailabilityZoneId field's value. +func (s *DescribeCustomAvailabilityZonesInput) SetCustomAvailabilityZoneId(v string) *DescribeCustomAvailabilityZonesInput { + s.CustomAvailabilityZoneId = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeCustomAvailabilityZonesInput) SetFilters(v []*Filter) *DescribeCustomAvailabilityZonesInput { + s.Filters = v + return s +} + +// SetMarker sets the Marker field's value. +func (s *DescribeCustomAvailabilityZonesInput) SetMarker(v string) *DescribeCustomAvailabilityZonesInput { + s.Marker = &v + return s +} + +// SetMaxRecords sets the MaxRecords field's value. +func (s *DescribeCustomAvailabilityZonesInput) SetMaxRecords(v int64) *DescribeCustomAvailabilityZonesInput { + s.MaxRecords = &v + return s +} + +type DescribeCustomAvailabilityZonesOutput struct { + _ struct{} `type:"structure"` + + // The list of CustomAvailabilityZone objects for the AWS account. + CustomAvailabilityZones []*CustomAvailabilityZone `locationNameList:"CustomAvailabilityZone" type:"list"` + + // An optional pagination token provided by a previous DescribeCustomAvailabilityZones + // request. If this parameter is specified, the response includes only records + // beyond the marker, up to the value specified by MaxRecords. + Marker *string `type:"string"` +} + +// String returns the string representation +func (s DescribeCustomAvailabilityZonesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeCustomAvailabilityZonesOutput) GoString() string { + return s.String() +} + +// SetCustomAvailabilityZones sets the CustomAvailabilityZones field's value. +func (s *DescribeCustomAvailabilityZonesOutput) SetCustomAvailabilityZones(v []*CustomAvailabilityZone) *DescribeCustomAvailabilityZonesOutput { + s.CustomAvailabilityZones = v + return s +} + +// SetMarker sets the Marker field's value. +func (s *DescribeCustomAvailabilityZonesOutput) SetMarker(v string) *DescribeCustomAvailabilityZonesOutput { + s.Marker = &v + return s +} + type DescribeDBClusterBacktracksInput struct { _ struct{} `type:"structure"` @@ -21201,7 +24911,7 @@ type DescribeDBClusterBacktracksInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so you can retrieve the remaining results. // // Default: 100 // @@ -21280,7 +24990,7 @@ type DescribeDBClusterBacktracksOutput struct { // Contains a list of backtracks for the user. DBClusterBacktracks []*BacktrackDBClusterOutput `locationNameList:"DBClusterBacktrack" type:"list"` - // A pagination token that can be used in a subsequent DescribeDBClusterBacktracks + // A pagination token that can be used in a later DescribeDBClusterBacktracks // request. Marker *string `type:"string"` } @@ -21334,7 +25044,7 @@ type DescribeDBClusterEndpointsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so you can retrieve the remaining results. // // Default: 100 // @@ -21447,7 +25157,7 @@ type DescribeDBClusterParameterGroupsInput struct { // * If supplied, must match the name of an existing DBClusterParameterGroup. DBClusterParameterGroupName *string `type:"string"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous DescribeDBClusterParameterGroups @@ -21457,7 +25167,7 @@ type DescribeDBClusterParameterGroupsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so you can retrieve the remaining results. // // Default: 100 // @@ -21566,7 +25276,7 @@ type DescribeDBClusterParametersInput struct { // DBClusterParameterGroupName is a required field DBClusterParameterGroupName *string `type:"string" required:"true"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous DescribeDBClusterParameters @@ -21576,7 +25286,7 @@ type DescribeDBClusterParametersInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so you can retrieve the remaining results. // // Default: 100 // @@ -21758,7 +25468,7 @@ type DescribeDBClusterSnapshotsInput struct { // The ID of the DB cluster to retrieve the list of DB cluster snapshots for. // This parameter can't be used in conjunction with the DBClusterSnapshotIdentifier - // parameter. This parameter is not case-sensitive. + // parameter. This parameter isn't case-sensitive. // // Constraints: // @@ -21814,7 +25524,7 @@ type DescribeDBClusterSnapshotsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so you can retrieve the remaining results. // // Default: 100 // @@ -21994,7 +25704,7 @@ type DescribeDBClustersInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so you can retrieve the remaining results. // // Default: 100 // @@ -22070,7 +25780,7 @@ type DescribeDBClustersOutput struct { // Contains a list of DB clusters for the user. DBClusters []*DBCluster `locationNameList:"DBCluster" type:"list"` - // A pagination token that can be used in a subsequent DescribeDBClusters request. + // A pagination token that can be used in a later DescribeDBClusters request. Marker *string `type:"string"` } @@ -22118,7 +25828,7 @@ type DescribeDBEngineVersionsInput struct { // Example: 5.1.49 EngineVersion *string `type:"string"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // A value that indicates whether to include engine versions that aren't available @@ -22148,7 +25858,7 @@ type DescribeDBEngineVersionsInput struct { // The maximum number of records to include in the response. If more than the // MaxRecords value is available, a pagination token called a marker is included - // in the response so that the following results can be retrieved. + // in the response so you can retrieve the remaining results. // // Default: 100 // @@ -22322,7 +26032,7 @@ type DescribeDBInstanceAutomatedBackupsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. MaxRecords *int64 `type:"integer"` } @@ -22465,7 +26175,7 @@ type DescribeDBInstancesInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -22629,7 +26339,7 @@ type DescribeDBLogFilesInput struct { // string. FilenameContains *string `type:"string"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // The pagination token provided in the previous request. If this parameter @@ -22639,7 +26349,7 @@ type DescribeDBLogFilesInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so you can retrieve the remaining results. MaxRecords *int64 `type:"integer"` } @@ -22725,7 +26435,7 @@ type DescribeDBLogFilesOutput struct { // The DB log files returned. DescribeDBLogFiles []*DescribeDBLogFilesDetails `locationNameList:"DescribeDBLogFilesDetails" type:"list"` - // A pagination token that can be used in a subsequent DescribeDBLogFiles request. + // A pagination token that can be used in a later DescribeDBLogFiles request. Marker *string `type:"string"` } @@ -22761,7 +26471,7 @@ type DescribeDBParameterGroupsInput struct { // * If supplied, must match the name of an existing DBClusterParameterGroup. DBParameterGroupName *string `type:"string"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous DescribeDBParameterGroups @@ -22771,7 +26481,7 @@ type DescribeDBParameterGroupsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -22881,7 +26591,7 @@ type DescribeDBParametersInput struct { // DBParameterGroupName is a required field DBParameterGroupName *string `type:"string" required:"true"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous DescribeDBParameters @@ -22891,7 +26601,7 @@ type DescribeDBParametersInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -23005,13 +26715,388 @@ func (s *DescribeDBParametersOutput) SetParameters(v []*Parameter) *DescribeDBPa return s } +type DescribeDBProxiesInput struct { + _ struct{} `type:"structure"` + + // The name of the DB proxy. + DBProxyName *string `type:"string"` + + // This parameter is not currently supported. + Filters []*Filter `locationNameList:"Filter" type:"list"` + + // An optional pagination token provided by a previous request. If this parameter + // is specified, the response includes only records beyond the marker, up to + // the value specified by MaxRecords. + Marker *string `type:"string"` + + // The maximum number of records to include in the response. If more records + // exist than the specified MaxRecords value, a pagination token called a marker + // is included in the response so that the remaining results can be retrieved. + // + // Default: 100 + // + // Constraints: Minimum 20, maximum 100. + MaxRecords *int64 `min:"20" type:"integer"` +} + +// String returns the string representation +func (s DescribeDBProxiesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeDBProxiesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeDBProxiesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeDBProxiesInput"} + if s.MaxRecords != nil && *s.MaxRecords < 20 { + invalidParams.Add(request.NewErrParamMinValue("MaxRecords", 20)) + } + if s.Filters != nil { + for i, v := range s.Filters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDBProxyName sets the DBProxyName field's value. +func (s *DescribeDBProxiesInput) SetDBProxyName(v string) *DescribeDBProxiesInput { + s.DBProxyName = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeDBProxiesInput) SetFilters(v []*Filter) *DescribeDBProxiesInput { + s.Filters = v + return s +} + +// SetMarker sets the Marker field's value. +func (s *DescribeDBProxiesInput) SetMarker(v string) *DescribeDBProxiesInput { + s.Marker = &v + return s +} + +// SetMaxRecords sets the MaxRecords field's value. +func (s *DescribeDBProxiesInput) SetMaxRecords(v int64) *DescribeDBProxiesInput { + s.MaxRecords = &v + return s +} + +type DescribeDBProxiesOutput struct { + _ struct{} `type:"structure"` + + // A return value representing an arbitrary number of DBProxy data structures. + DBProxies []*DBProxy `type:"list"` + + // An optional pagination token provided by a previous request. If this parameter + // is specified, the response includes only records beyond the marker, up to + // the value specified by MaxRecords. + Marker *string `type:"string"` +} + +// String returns the string representation +func (s DescribeDBProxiesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeDBProxiesOutput) GoString() string { + return s.String() +} + +// SetDBProxies sets the DBProxies field's value. +func (s *DescribeDBProxiesOutput) SetDBProxies(v []*DBProxy) *DescribeDBProxiesOutput { + s.DBProxies = v + return s +} + +// SetMarker sets the Marker field's value. +func (s *DescribeDBProxiesOutput) SetMarker(v string) *DescribeDBProxiesOutput { + s.Marker = &v + return s +} + +type DescribeDBProxyTargetGroupsInput struct { + _ struct{} `type:"structure"` + + // The identifier of the DBProxy associated with the target group. + // + // DBProxyName is a required field + DBProxyName *string `type:"string" required:"true"` + + // This parameter is not currently supported. + Filters []*Filter `locationNameList:"Filter" type:"list"` + + // An optional pagination token provided by a previous request. If this parameter + // is specified, the response includes only records beyond the marker, up to + // the value specified by MaxRecords. + Marker *string `type:"string"` + + // The maximum number of records to include in the response. If more records + // exist than the specified MaxRecords value, a pagination token called a marker + // is included in the response so that the remaining results can be retrieved. + // + // Default: 100 + // + // Constraints: Minimum 20, maximum 100. + MaxRecords *int64 `min:"20" type:"integer"` + + // The identifier of the DBProxyTargetGroup to describe. + TargetGroupName *string `type:"string"` +} + +// String returns the string representation +func (s DescribeDBProxyTargetGroupsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeDBProxyTargetGroupsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeDBProxyTargetGroupsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeDBProxyTargetGroupsInput"} + if s.DBProxyName == nil { + invalidParams.Add(request.NewErrParamRequired("DBProxyName")) + } + if s.MaxRecords != nil && *s.MaxRecords < 20 { + invalidParams.Add(request.NewErrParamMinValue("MaxRecords", 20)) + } + if s.Filters != nil { + for i, v := range s.Filters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDBProxyName sets the DBProxyName field's value. +func (s *DescribeDBProxyTargetGroupsInput) SetDBProxyName(v string) *DescribeDBProxyTargetGroupsInput { + s.DBProxyName = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeDBProxyTargetGroupsInput) SetFilters(v []*Filter) *DescribeDBProxyTargetGroupsInput { + s.Filters = v + return s +} + +// SetMarker sets the Marker field's value. +func (s *DescribeDBProxyTargetGroupsInput) SetMarker(v string) *DescribeDBProxyTargetGroupsInput { + s.Marker = &v + return s +} + +// SetMaxRecords sets the MaxRecords field's value. +func (s *DescribeDBProxyTargetGroupsInput) SetMaxRecords(v int64) *DescribeDBProxyTargetGroupsInput { + s.MaxRecords = &v + return s +} + +// SetTargetGroupName sets the TargetGroupName field's value. +func (s *DescribeDBProxyTargetGroupsInput) SetTargetGroupName(v string) *DescribeDBProxyTargetGroupsInput { + s.TargetGroupName = &v + return s +} + +type DescribeDBProxyTargetGroupsOutput struct { + _ struct{} `type:"structure"` + + // An optional pagination token provided by a previous request. If this parameter + // is specified, the response includes only records beyond the marker, up to + // the value specified by MaxRecords. + Marker *string `type:"string"` + + // An arbitrary number of DBProxyTargetGroup objects, containing details of + // the corresponding target groups. + TargetGroups []*DBProxyTargetGroup `type:"list"` +} + +// String returns the string representation +func (s DescribeDBProxyTargetGroupsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeDBProxyTargetGroupsOutput) GoString() string { + return s.String() +} + +// SetMarker sets the Marker field's value. +func (s *DescribeDBProxyTargetGroupsOutput) SetMarker(v string) *DescribeDBProxyTargetGroupsOutput { + s.Marker = &v + return s +} + +// SetTargetGroups sets the TargetGroups field's value. +func (s *DescribeDBProxyTargetGroupsOutput) SetTargetGroups(v []*DBProxyTargetGroup) *DescribeDBProxyTargetGroupsOutput { + s.TargetGroups = v + return s +} + +type DescribeDBProxyTargetsInput struct { + _ struct{} `type:"structure"` + + // The identifier of the DBProxyTarget to describe. + // + // DBProxyName is a required field + DBProxyName *string `type:"string" required:"true"` + + // This parameter is not currently supported. + Filters []*Filter `locationNameList:"Filter" type:"list"` + + // An optional pagination token provided by a previous request. If this parameter + // is specified, the response includes only records beyond the marker, up to + // the value specified by MaxRecords. + Marker *string `type:"string"` + + // The maximum number of records to include in the response. If more records + // exist than the specified MaxRecords value, a pagination token called a marker + // is included in the response so that the remaining results can be retrieved. + // + // Default: 100 + // + // Constraints: Minimum 20, maximum 100. + MaxRecords *int64 `min:"20" type:"integer"` + + // The identifier of the DBProxyTargetGroup to describe. + TargetGroupName *string `type:"string"` +} + +// String returns the string representation +func (s DescribeDBProxyTargetsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeDBProxyTargetsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeDBProxyTargetsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeDBProxyTargetsInput"} + if s.DBProxyName == nil { + invalidParams.Add(request.NewErrParamRequired("DBProxyName")) + } + if s.MaxRecords != nil && *s.MaxRecords < 20 { + invalidParams.Add(request.NewErrParamMinValue("MaxRecords", 20)) + } + if s.Filters != nil { + for i, v := range s.Filters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDBProxyName sets the DBProxyName field's value. +func (s *DescribeDBProxyTargetsInput) SetDBProxyName(v string) *DescribeDBProxyTargetsInput { + s.DBProxyName = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeDBProxyTargetsInput) SetFilters(v []*Filter) *DescribeDBProxyTargetsInput { + s.Filters = v + return s +} + +// SetMarker sets the Marker field's value. +func (s *DescribeDBProxyTargetsInput) SetMarker(v string) *DescribeDBProxyTargetsInput { + s.Marker = &v + return s +} + +// SetMaxRecords sets the MaxRecords field's value. +func (s *DescribeDBProxyTargetsInput) SetMaxRecords(v int64) *DescribeDBProxyTargetsInput { + s.MaxRecords = &v + return s +} + +// SetTargetGroupName sets the TargetGroupName field's value. +func (s *DescribeDBProxyTargetsInput) SetTargetGroupName(v string) *DescribeDBProxyTargetsInput { + s.TargetGroupName = &v + return s +} + +type DescribeDBProxyTargetsOutput struct { + _ struct{} `type:"structure"` + + // An optional pagination token provided by a previous request. If this parameter + // is specified, the response includes only records beyond the marker, up to + // the value specified by MaxRecords. + Marker *string `type:"string"` + + // An arbitrary number of DBProxyTarget objects, containing details of the corresponding + // targets. + Targets []*DBProxyTarget `type:"list"` +} + +// String returns the string representation +func (s DescribeDBProxyTargetsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeDBProxyTargetsOutput) GoString() string { + return s.String() +} + +// SetMarker sets the Marker field's value. +func (s *DescribeDBProxyTargetsOutput) SetMarker(v string) *DescribeDBProxyTargetsOutput { + s.Marker = &v + return s +} + +// SetTargets sets the Targets field's value. +func (s *DescribeDBProxyTargetsOutput) SetTargets(v []*DBProxyTarget) *DescribeDBProxyTargetsOutput { + s.Targets = v + return s +} + type DescribeDBSecurityGroupsInput struct { _ struct{} `type:"structure"` // The name of the DB security group to return details for. DBSecurityGroupName *string `type:"string"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous DescribeDBSecurityGroups @@ -23021,7 +27106,7 @@ type DescribeDBSecurityGroupsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -23190,7 +27275,7 @@ type DescribeDBSnapshotsInput struct { // The ID of the DB instance to retrieve the list of DB snapshots for. This // parameter can't be used in conjunction with DBSnapshotIdentifier. This parameter - // is not case-sensitive. + // isn't case-sensitive. // // Constraints: // @@ -23251,7 +27336,7 @@ type DescribeDBSnapshotsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -23415,7 +27500,7 @@ type DescribeDBSubnetGroupsInput struct { // The name of the DB subnet group to return details for. DBSubnetGroupName *string `type:"string"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous DescribeDBSubnetGroups @@ -23425,7 +27510,7 @@ type DescribeDBSubnetGroupsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -23532,7 +27617,7 @@ type DescribeEngineDefaultClusterParametersInput struct { // DBParameterGroupFamily is a required field DBParameterGroupFamily *string `type:"string" required:"true"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous DescribeEngineDefaultClusterParameters @@ -23542,7 +27627,7 @@ type DescribeEngineDefaultClusterParametersInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so you can retrieve the remaining results. // // Default: 100 // @@ -23639,7 +27724,7 @@ type DescribeEngineDefaultParametersInput struct { // DBParameterGroupFamily is a required field DBParameterGroupFamily *string `type:"string" required:"true"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous DescribeEngineDefaultParameters @@ -23649,7 +27734,7 @@ type DescribeEngineDefaultParametersInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so you can retrieve the remaining results. // // Default: 100 // @@ -23741,7 +27826,7 @@ func (s *DescribeEngineDefaultParametersOutput) SetEngineDefaults(v *EngineDefau type DescribeEventCategoriesInput struct { _ struct{} `type:"structure"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // The type of source that is generating the events. @@ -23819,7 +27904,7 @@ func (s *DescribeEventCategoriesOutput) SetEventCategoriesMapList(v []*EventCate type DescribeEventSubscriptionsInput struct { _ struct{} `type:"structure"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous DescribeOrderableDBInstanceOptions @@ -23829,7 +27914,7 @@ type DescribeEventSubscriptionsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -23948,7 +28033,7 @@ type DescribeEventsInput struct { // subscription. EventCategories []*string `locationNameList:"EventCategory" type:"list"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous DescribeEvents request. @@ -23958,7 +28043,7 @@ type DescribeEventsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -24117,6 +28202,140 @@ func (s *DescribeEventsOutput) SetMarker(v string) *DescribeEventsOutput { return s } +type DescribeExportTasksInput struct { + _ struct{} `type:"structure"` + + // The identifier of the snapshot export task to be described. + ExportTaskIdentifier *string `type:"string"` + + // Filters specify one or more snapshot exports to describe. The filters are + // specified as name-value pairs that define what to include in the output. + // + // Supported filters include the following: + // + // * export-task-identifier - An identifier for the snapshot export task. + // + // * s3-bucket - The Amazon S3 bucket the snapshot is exported to. + // + // * source-arn - The Amazon Resource Name (ARN) of the snapshot exported + // to Amazon S3 + // + // * status - The status of the export task. + Filters []*Filter `locationNameList:"Filter" type:"list"` + + // An optional pagination token provided by a previous DescribeExportTasks request. + // If you specify this parameter, the response includes only records beyond + // the marker, up to the value specified by the MaxRecords parameter. + Marker *string `type:"string"` + + // The maximum number of records to include in the response. If more records + // exist than the specified value, a pagination token called a marker is included + // in the response. You can use the marker in a later DescribeExportTasks request + // to retrieve the remaining results. + // + // Default: 100 + // + // Constraints: Minimum 20, maximum 100. + MaxRecords *string `type:"string"` + + // The Amazon Resource Name (ARN) of the snapshot exported to Amazon S3. + SourceArn *string `type:"string"` +} + +// String returns the string representation +func (s DescribeExportTasksInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeExportTasksInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeExportTasksInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeExportTasksInput"} + if s.Filters != nil { + for i, v := range s.Filters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetExportTaskIdentifier sets the ExportTaskIdentifier field's value. +func (s *DescribeExportTasksInput) SetExportTaskIdentifier(v string) *DescribeExportTasksInput { + s.ExportTaskIdentifier = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeExportTasksInput) SetFilters(v []*Filter) *DescribeExportTasksInput { + s.Filters = v + return s +} + +// SetMarker sets the Marker field's value. +func (s *DescribeExportTasksInput) SetMarker(v string) *DescribeExportTasksInput { + s.Marker = &v + return s +} + +// SetMaxRecords sets the MaxRecords field's value. +func (s *DescribeExportTasksInput) SetMaxRecords(v string) *DescribeExportTasksInput { + s.MaxRecords = &v + return s +} + +// SetSourceArn sets the SourceArn field's value. +func (s *DescribeExportTasksInput) SetSourceArn(v string) *DescribeExportTasksInput { + s.SourceArn = &v + return s +} + +type DescribeExportTasksOutput struct { + _ struct{} `type:"structure"` + + // Information about an export of a snapshot to Amazon S3. + ExportTasks []*ExportTask `locationNameList:"ExportTask" type:"list"` + + // A pagination token that can be used in a later DescribeExportTasks request. + // A marker is used for pagination to identify the location to begin output + // for the next response of DescribeExportTasks. + Marker *string `type:"string"` +} + +// String returns the string representation +func (s DescribeExportTasksOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeExportTasksOutput) GoString() string { + return s.String() +} + +// SetExportTasks sets the ExportTasks field's value. +func (s *DescribeExportTasksOutput) SetExportTasks(v []*ExportTask) *DescribeExportTasksOutput { + s.ExportTasks = v + return s +} + +// SetMarker sets the Marker field's value. +func (s *DescribeExportTasksOutput) SetMarker(v string) *DescribeExportTasksOutput { + s.Marker = &v + return s +} + type DescribeGlobalClustersInput struct { _ struct{} `type:"structure"` @@ -24145,7 +28364,7 @@ type DescribeGlobalClustersInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -24241,6 +28460,123 @@ func (s *DescribeGlobalClustersOutput) SetMarker(v string) *DescribeGlobalCluste return s } +type DescribeInstallationMediaInput struct { + _ struct{} `type:"structure"` + + // A filter that specifies one or more installation media to describe. Supported + // filters include the following: + // + // * custom-availability-zone-id - Accepts custom Availability Zone (AZ) + // identifiers. The results list includes information about only the custom + // AZs identified by these identifiers. + // + // * engine - Accepts database engines. The results list includes information + // about only the database engines identified by these identifiers. For more + // information about the valid engines for installation media, see ImportInstallationMedia. + Filters []*Filter `locationNameList:"Filter" type:"list"` + + // The installation medium ID. + InstallationMediaId *string `type:"string"` + + // An optional pagination token provided by a previous request. If this parameter + // is specified, the response includes only records beyond the marker, up to + // the value specified by MaxRecords. + Marker *string `type:"string"` + + // An optional pagination token provided by a previous DescribeInstallationMedia + // request. If this parameter is specified, the response includes only records + // beyond the marker, up to the value specified by MaxRecords. + MaxRecords *int64 `type:"integer"` +} + +// String returns the string representation +func (s DescribeInstallationMediaInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeInstallationMediaInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInstallationMediaInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInstallationMediaInput"} + if s.Filters != nil { + for i, v := range s.Filters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilters sets the Filters field's value. +func (s *DescribeInstallationMediaInput) SetFilters(v []*Filter) *DescribeInstallationMediaInput { + s.Filters = v + return s +} + +// SetInstallationMediaId sets the InstallationMediaId field's value. +func (s *DescribeInstallationMediaInput) SetInstallationMediaId(v string) *DescribeInstallationMediaInput { + s.InstallationMediaId = &v + return s +} + +// SetMarker sets the Marker field's value. +func (s *DescribeInstallationMediaInput) SetMarker(v string) *DescribeInstallationMediaInput { + s.Marker = &v + return s +} + +// SetMaxRecords sets the MaxRecords field's value. +func (s *DescribeInstallationMediaInput) SetMaxRecords(v int64) *DescribeInstallationMediaInput { + s.MaxRecords = &v + return s +} + +type DescribeInstallationMediaOutput struct { + _ struct{} `type:"structure"` + + // The list of InstallationMedia objects for the AWS account. + InstallationMedia []*InstallationMedia `locationNameList:"InstallationMedia" type:"list"` + + // An optional pagination token provided by a previous DescribeInstallationMedia + // request. If this parameter is specified, the response includes only records + // beyond the marker, up to the value specified by MaxRecords. + Marker *string `type:"string"` +} + +// String returns the string representation +func (s DescribeInstallationMediaOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeInstallationMediaOutput) GoString() string { + return s.String() +} + +// SetInstallationMedia sets the InstallationMedia field's value. +func (s *DescribeInstallationMediaOutput) SetInstallationMedia(v []*InstallationMedia) *DescribeInstallationMediaOutput { + s.InstallationMedia = v + return s +} + +// SetMarker sets the Marker field's value. +func (s *DescribeInstallationMediaOutput) SetMarker(v string) *DescribeInstallationMediaOutput { + s.Marker = &v + return s +} + type DescribeOptionGroupOptionsInput struct { _ struct{} `type:"structure"` @@ -24249,7 +28585,7 @@ type DescribeOptionGroupOptionsInput struct { // EngineName is a required field EngineName *string `type:"string" required:"true"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // If specified, filters the results to include only options for the specified @@ -24263,7 +28599,7 @@ type DescribeOptionGroupOptionsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -24375,7 +28711,7 @@ type DescribeOptionGroupsInput struct { // a specific database engine. EngineName *string `type:"string"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // Filters the list of option groups to only include groups associated with @@ -24390,7 +28726,7 @@ type DescribeOptionGroupsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -24519,7 +28855,7 @@ type DescribeOrderableDBInstanceOptionsInput struct { // available offerings matching the specified engine version. EngineVersion *string `type:"string"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // The license model filter value. Specify this parameter to show only the available @@ -24533,7 +28869,7 @@ type DescribeOrderableDBInstanceOptionsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -24686,7 +29022,7 @@ type DescribePendingMaintenanceActionsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so that you can retrieve the remaining results. // // Default: 100 // @@ -24799,7 +29135,7 @@ type DescribeReservedDBInstancesInput struct { // Valid Values: 1 | 3 | 31536000 | 94608000 Duration *string `type:"string"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // The lease identifier filter value. Specify this parameter to show only the @@ -24816,7 +29152,7 @@ type DescribeReservedDBInstancesInput struct { // The maximum number of records to include in the response. If more than the // MaxRecords value is available, a pagination token called a marker is included - // in the response so that the following results can be retrieved. + // in the response so you can retrieve the remaining results. // // Default: 100 // @@ -24955,7 +29291,7 @@ type DescribeReservedDBInstancesOfferingsInput struct { // Valid Values: 1 | 3 | 31536000 | 94608000 Duration *string `type:"string"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous request. If this parameter @@ -24965,7 +29301,7 @@ type DescribeReservedDBInstancesOfferingsInput struct { // The maximum number of records to include in the response. If more than the // MaxRecords value is available, a pagination token called a marker is included - // in the response so that the following results can be retrieved. + // in the response so you can retrieve the remaining results. // // Default: 100 // @@ -25154,7 +29490,7 @@ func (s *DescribeReservedDBInstancesOutput) SetReservedDBInstances(v []*Reserved type DescribeSourceRegionsInput struct { _ struct{} `type:"structure"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // An optional pagination token provided by a previous DescribeSourceRegions @@ -25164,7 +29500,7 @@ type DescribeSourceRegionsInput struct { // The maximum number of records to include in the response. If more records // exist than the specified MaxRecords value, a pagination token called a marker - // is included in the response so that the remaining results can be retrieved. + // is included in the response so you can retrieve the remaining results. // // Default: 100 // @@ -25453,8 +29789,8 @@ type DownloadDBLogFilePortionInput struct { // is returned up to a maximum of 10000 lines, starting with the most recent // log entries first. // - // * If NumberOfLines is specified and Marker is not specified, then the - // most recent lines from the end of the log file are returned. + // * If NumberOfLines is specified and Marker isn't specified, then the most + // recent lines from the end of the log file are returned. // // * If Marker is specified as "0", then the specified number of lines from // the beginning of the log file are returned. @@ -25527,8 +29863,7 @@ type DownloadDBLogFilePortionOutput struct { // Entries from the specified log file. LogFileData *string `type:"string"` - // A pagination token that can be used in a subsequent DownloadDBLogFilePortion - // request. + // A pagination token that can be used in a later DownloadDBLogFilePortion request. Marker *string `type:"string"` } @@ -25937,10 +30272,180 @@ func (s *EventSubscription) SetSubscriptionCreationTime(v string) *EventSubscrip return s } +// Contains the details of a snapshot export to Amazon S3. +// +// This data type is used as a response element in the DescribeExportTasks action. +type ExportTask struct { + _ struct{} `type:"structure"` + + // The data exported from the snapshot. Valid values are the following: + // + // * database - Export all the data of the snapshot. + // + // * database.table [table-name] - Export a table of the snapshot. + // + // * database.schema [schema-name] - Export a database schema of the snapshot. + // This value isn't valid for RDS for MySQL, RDS for MariaDB, or Aurora MySQL. + // + // * database.schema.table [table-name] - Export a table of the database + // schema. This value isn't valid for RDS for MySQL, RDS for MariaDB, or + // Aurora MySQL. + ExportOnly []*string `type:"list"` + + // A unique identifier for the snapshot export task. This ID isn't an identifier + // for the Amazon S3 bucket where the snapshot is exported to. + ExportTaskIdentifier *string `type:"string"` + + // The reason the export failed, if it failed. + FailureCause *string `type:"string"` + + // The name of the IAM role that is used to write to Amazon S3 when exporting + // a snapshot. + IamRoleArn *string `type:"string"` + + // The ID of the AWS KMS key that is used to encrypt the snapshot when it's + // exported to Amazon S3. The KMS key ID is the Amazon Resource Name (ARN), + // the KMS key identifier, or the KMS key alias for the KMS encryption key. + // The IAM role used for the snapshot export must have encryption and decryption + // permissions to use this KMS key. + KmsKeyId *string `type:"string"` + + // The progress of the snapshot export task as a percentage. + PercentProgress *int64 `type:"integer"` + + // The Amazon S3 bucket that the snapshot is exported to. + S3Bucket *string `type:"string"` + + // The Amazon S3 bucket prefix that is the file name and path of the exported + // snapshot. + S3Prefix *string `type:"string"` + + // The time that the snapshot was created. + SnapshotTime *time.Time `type:"timestamp"` + + // The Amazon Resource Name (ARN) of the snapshot exported to Amazon S3. + SourceArn *string `type:"string"` + + // The progress status of the export task. + Status *string `type:"string"` + + // The time that the snapshot export task completed. + TaskEndTime *time.Time `type:"timestamp"` + + // The time that the snapshot export task started. + TaskStartTime *time.Time `type:"timestamp"` + + // The total amount of data exported, in gigabytes. + TotalExtractedDataInGB *int64 `type:"integer"` + + // A warning about the snapshot export task. + WarningMessage *string `type:"string"` +} + +// String returns the string representation +func (s ExportTask) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ExportTask) GoString() string { + return s.String() +} + +// SetExportOnly sets the ExportOnly field's value. +func (s *ExportTask) SetExportOnly(v []*string) *ExportTask { + s.ExportOnly = v + return s +} + +// SetExportTaskIdentifier sets the ExportTaskIdentifier field's value. +func (s *ExportTask) SetExportTaskIdentifier(v string) *ExportTask { + s.ExportTaskIdentifier = &v + return s +} + +// SetFailureCause sets the FailureCause field's value. +func (s *ExportTask) SetFailureCause(v string) *ExportTask { + s.FailureCause = &v + return s +} + +// SetIamRoleArn sets the IamRoleArn field's value. +func (s *ExportTask) SetIamRoleArn(v string) *ExportTask { + s.IamRoleArn = &v + return s +} + +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *ExportTask) SetKmsKeyId(v string) *ExportTask { + s.KmsKeyId = &v + return s +} + +// SetPercentProgress sets the PercentProgress field's value. +func (s *ExportTask) SetPercentProgress(v int64) *ExportTask { + s.PercentProgress = &v + return s +} + +// SetS3Bucket sets the S3Bucket field's value. +func (s *ExportTask) SetS3Bucket(v string) *ExportTask { + s.S3Bucket = &v + return s +} + +// SetS3Prefix sets the S3Prefix field's value. +func (s *ExportTask) SetS3Prefix(v string) *ExportTask { + s.S3Prefix = &v + return s +} + +// SetSnapshotTime sets the SnapshotTime field's value. +func (s *ExportTask) SetSnapshotTime(v time.Time) *ExportTask { + s.SnapshotTime = &v + return s +} + +// SetSourceArn sets the SourceArn field's value. +func (s *ExportTask) SetSourceArn(v string) *ExportTask { + s.SourceArn = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *ExportTask) SetStatus(v string) *ExportTask { + s.Status = &v + return s +} + +// SetTaskEndTime sets the TaskEndTime field's value. +func (s *ExportTask) SetTaskEndTime(v time.Time) *ExportTask { + s.TaskEndTime = &v + return s +} + +// SetTaskStartTime sets the TaskStartTime field's value. +func (s *ExportTask) SetTaskStartTime(v time.Time) *ExportTask { + s.TaskStartTime = &v + return s +} + +// SetTotalExtractedDataInGB sets the TotalExtractedDataInGB field's value. +func (s *ExportTask) SetTotalExtractedDataInGB(v int64) *ExportTask { + s.TotalExtractedDataInGB = &v + return s +} + +// SetWarningMessage sets the WarningMessage field's value. +func (s *ExportTask) SetWarningMessage(v string) *ExportTask { + s.WarningMessage = &v + return s +} + type FailoverDBClusterInput struct { _ struct{} `type:"structure"` - // A DB cluster identifier to force a failover for. This parameter is not case-sensitive. + // A DB cluster identifier to force a failover for. This parameter isn't case-sensitive. // // Constraints: // @@ -26276,10 +30781,338 @@ func (s *IPRange) SetStatus(v string) *IPRange { return s } +type ImportInstallationMediaInput struct { + _ struct{} `type:"structure"` + + // The identifier of the custom Availability Zone (AZ) to import the installation + // media to. + // + // CustomAvailabilityZoneId is a required field + CustomAvailabilityZoneId *string `type:"string" required:"true"` + + // The name of the database engine to be used for this instance. + // + // The list only includes supported DB engines that require an on-premises customer + // provided license. + // + // Valid Values: + // + // * sqlserver-ee + // + // * sqlserver-se + // + // * sqlserver-ex + // + // * sqlserver-web + // + // Engine is a required field + Engine *string `type:"string" required:"true"` + + // The path to the installation medium for the specified DB engine. + // + // Example: SQLServerISO/en_sql_server_2016_enterprise_x64_dvd_8701793.iso + // + // EngineInstallationMediaPath is a required field + EngineInstallationMediaPath *string `type:"string" required:"true"` + + // The version number of the database engine to use. + // + // For a list of valid engine versions, call DescribeDBEngineVersions. + // + // The following are the database engines and links to information about the + // major and minor versions. The list only includes DB engines that require + // an on-premises customer provided license. + // + // Microsoft SQL Server + // + // See Version and Feature Support on Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.FeatureSupport) + // in the Amazon RDS User Guide. + // + // EngineVersion is a required field + EngineVersion *string `type:"string" required:"true"` + + // The path to the installation medium for the operating system associated with + // the specified DB engine. + // + // Example: WindowsISO/en_windows_server_2016_x64_dvd_9327751.iso + // + // OSInstallationMediaPath is a required field + OSInstallationMediaPath *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ImportInstallationMediaInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImportInstallationMediaInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ImportInstallationMediaInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ImportInstallationMediaInput"} + if s.CustomAvailabilityZoneId == nil { + invalidParams.Add(request.NewErrParamRequired("CustomAvailabilityZoneId")) + } + if s.Engine == nil { + invalidParams.Add(request.NewErrParamRequired("Engine")) + } + if s.EngineInstallationMediaPath == nil { + invalidParams.Add(request.NewErrParamRequired("EngineInstallationMediaPath")) + } + if s.EngineVersion == nil { + invalidParams.Add(request.NewErrParamRequired("EngineVersion")) + } + if s.OSInstallationMediaPath == nil { + invalidParams.Add(request.NewErrParamRequired("OSInstallationMediaPath")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCustomAvailabilityZoneId sets the CustomAvailabilityZoneId field's value. +func (s *ImportInstallationMediaInput) SetCustomAvailabilityZoneId(v string) *ImportInstallationMediaInput { + s.CustomAvailabilityZoneId = &v + return s +} + +// SetEngine sets the Engine field's value. +func (s *ImportInstallationMediaInput) SetEngine(v string) *ImportInstallationMediaInput { + s.Engine = &v + return s +} + +// SetEngineInstallationMediaPath sets the EngineInstallationMediaPath field's value. +func (s *ImportInstallationMediaInput) SetEngineInstallationMediaPath(v string) *ImportInstallationMediaInput { + s.EngineInstallationMediaPath = &v + return s +} + +// SetEngineVersion sets the EngineVersion field's value. +func (s *ImportInstallationMediaInput) SetEngineVersion(v string) *ImportInstallationMediaInput { + s.EngineVersion = &v + return s +} + +// SetOSInstallationMediaPath sets the OSInstallationMediaPath field's value. +func (s *ImportInstallationMediaInput) SetOSInstallationMediaPath(v string) *ImportInstallationMediaInput { + s.OSInstallationMediaPath = &v + return s +} + +// Contains the installation media for a DB engine that requires an on-premises +// customer provided license, such as Microsoft SQL Server. +type ImportInstallationMediaOutput struct { + _ struct{} `type:"structure"` + + // The custom Availability Zone (AZ) that contains the installation media. + CustomAvailabilityZoneId *string `type:"string"` + + // The DB engine. + Engine *string `type:"string"` + + // The path to the installation medium for the DB engine. + EngineInstallationMediaPath *string `type:"string"` + + // The engine version of the DB engine. + EngineVersion *string `type:"string"` + + // If an installation media failure occurred, the cause of the failure. + FailureCause *InstallationMediaFailureCause `type:"structure"` + + // The installation medium ID. + InstallationMediaId *string `type:"string"` + + // The path to the installation medium for the operating system associated with + // the DB engine. + OSInstallationMediaPath *string `type:"string"` + + // The status of the installation medium. + Status *string `type:"string"` +} + +// String returns the string representation +func (s ImportInstallationMediaOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImportInstallationMediaOutput) GoString() string { + return s.String() +} + +// SetCustomAvailabilityZoneId sets the CustomAvailabilityZoneId field's value. +func (s *ImportInstallationMediaOutput) SetCustomAvailabilityZoneId(v string) *ImportInstallationMediaOutput { + s.CustomAvailabilityZoneId = &v + return s +} + +// SetEngine sets the Engine field's value. +func (s *ImportInstallationMediaOutput) SetEngine(v string) *ImportInstallationMediaOutput { + s.Engine = &v + return s +} + +// SetEngineInstallationMediaPath sets the EngineInstallationMediaPath field's value. +func (s *ImportInstallationMediaOutput) SetEngineInstallationMediaPath(v string) *ImportInstallationMediaOutput { + s.EngineInstallationMediaPath = &v + return s +} + +// SetEngineVersion sets the EngineVersion field's value. +func (s *ImportInstallationMediaOutput) SetEngineVersion(v string) *ImportInstallationMediaOutput { + s.EngineVersion = &v + return s +} + +// SetFailureCause sets the FailureCause field's value. +func (s *ImportInstallationMediaOutput) SetFailureCause(v *InstallationMediaFailureCause) *ImportInstallationMediaOutput { + s.FailureCause = v + return s +} + +// SetInstallationMediaId sets the InstallationMediaId field's value. +func (s *ImportInstallationMediaOutput) SetInstallationMediaId(v string) *ImportInstallationMediaOutput { + s.InstallationMediaId = &v + return s +} + +// SetOSInstallationMediaPath sets the OSInstallationMediaPath field's value. +func (s *ImportInstallationMediaOutput) SetOSInstallationMediaPath(v string) *ImportInstallationMediaOutput { + s.OSInstallationMediaPath = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *ImportInstallationMediaOutput) SetStatus(v string) *ImportInstallationMediaOutput { + s.Status = &v + return s +} + +// Contains the installation media for a DB engine that requires an on-premises +// customer provided license, such as Microsoft SQL Server. +type InstallationMedia struct { + _ struct{} `type:"structure"` + + // The custom Availability Zone (AZ) that contains the installation media. + CustomAvailabilityZoneId *string `type:"string"` + + // The DB engine. + Engine *string `type:"string"` + + // The path to the installation medium for the DB engine. + EngineInstallationMediaPath *string `type:"string"` + + // The engine version of the DB engine. + EngineVersion *string `type:"string"` + + // If an installation media failure occurred, the cause of the failure. + FailureCause *InstallationMediaFailureCause `type:"structure"` + + // The installation medium ID. + InstallationMediaId *string `type:"string"` + + // The path to the installation medium for the operating system associated with + // the DB engine. + OSInstallationMediaPath *string `type:"string"` + + // The status of the installation medium. + Status *string `type:"string"` +} + +// String returns the string representation +func (s InstallationMedia) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstallationMedia) GoString() string { + return s.String() +} + +// SetCustomAvailabilityZoneId sets the CustomAvailabilityZoneId field's value. +func (s *InstallationMedia) SetCustomAvailabilityZoneId(v string) *InstallationMedia { + s.CustomAvailabilityZoneId = &v + return s +} + +// SetEngine sets the Engine field's value. +func (s *InstallationMedia) SetEngine(v string) *InstallationMedia { + s.Engine = &v + return s +} + +// SetEngineInstallationMediaPath sets the EngineInstallationMediaPath field's value. +func (s *InstallationMedia) SetEngineInstallationMediaPath(v string) *InstallationMedia { + s.EngineInstallationMediaPath = &v + return s +} + +// SetEngineVersion sets the EngineVersion field's value. +func (s *InstallationMedia) SetEngineVersion(v string) *InstallationMedia { + s.EngineVersion = &v + return s +} + +// SetFailureCause sets the FailureCause field's value. +func (s *InstallationMedia) SetFailureCause(v *InstallationMediaFailureCause) *InstallationMedia { + s.FailureCause = v + return s +} + +// SetInstallationMediaId sets the InstallationMediaId field's value. +func (s *InstallationMedia) SetInstallationMediaId(v string) *InstallationMedia { + s.InstallationMediaId = &v + return s +} + +// SetOSInstallationMediaPath sets the OSInstallationMediaPath field's value. +func (s *InstallationMedia) SetOSInstallationMediaPath(v string) *InstallationMedia { + s.OSInstallationMediaPath = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *InstallationMedia) SetStatus(v string) *InstallationMedia { + s.Status = &v + return s +} + +// Contains the cause of an installation media failure. Installation media is +// used for a DB engine that requires an on-premises customer provided license, +// such as Microsoft SQL Server. +type InstallationMediaFailureCause struct { + _ struct{} `type:"structure"` + + // The reason that an installation media import failed. + Message *string `type:"string"` +} + +// String returns the string representation +func (s InstallationMediaFailureCause) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstallationMediaFailureCause) GoString() string { + return s.String() +} + +// SetMessage sets the Message field's value. +func (s *InstallationMediaFailureCause) SetMessage(v string) *InstallationMediaFailureCause { + s.Message = &v + return s +} + type ListTagsForResourceInput struct { _ struct{} `type:"structure"` - // This parameter is not currently supported. + // This parameter isn't currently supported. Filters []*Filter `locationNameList:"Filter" type:"list"` // The Amazon RDS resource with tags to be listed. This value is an Amazon Resource @@ -26393,6 +31226,65 @@ func (s *MinimumEngineVersionPerAllowedValue) SetMinimumEngineVersion(v string) return s } +type ModifyCertificatesInput struct { + _ struct{} `type:"structure"` + + // The new default certificate identifier to override the current one with. + // + // To determine the valid values, use the describe-certificates AWS CLI command + // or the DescribeCertificates API operation. + CertificateIdentifier *string `type:"string"` + + // A value that indicates whether to remove the override for the default certificate. + // If the override is removed, the default certificate is the system default. + RemoveCustomerOverride *bool `type:"boolean"` +} + +// String returns the string representation +func (s ModifyCertificatesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyCertificatesInput) GoString() string { + return s.String() +} + +// SetCertificateIdentifier sets the CertificateIdentifier field's value. +func (s *ModifyCertificatesInput) SetCertificateIdentifier(v string) *ModifyCertificatesInput { + s.CertificateIdentifier = &v + return s +} + +// SetRemoveCustomerOverride sets the RemoveCustomerOverride field's value. +func (s *ModifyCertificatesInput) SetRemoveCustomerOverride(v bool) *ModifyCertificatesInput { + s.RemoveCustomerOverride = &v + return s +} + +type ModifyCertificatesOutput struct { + _ struct{} `type:"structure"` + + // A CA certificate for an AWS account. + Certificate *Certificate `type:"structure"` +} + +// String returns the string representation +func (s ModifyCertificatesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyCertificatesOutput) GoString() string { + return s.String() +} + +// SetCertificate sets the Certificate field's value. +func (s *ModifyCertificatesOutput) SetCertificate(v *Certificate) *ModifyCertificatesOutput { + s.Certificate = v + return s +} + type ModifyCurrentDBClusterCapacityInput struct { _ struct{} `type:"structure"` @@ -26403,11 +31295,15 @@ type ModifyCurrentDBClusterCapacityInput struct { // // Constraints: // - // * Value must be 1, 2, 4, 8, 16, 32, 64, 128, or 256. + // * For Aurora MySQL, valid capacity values are 1, 2, 4, 8, 16, 32, 64, + // 128, and 256. + // + // * For Aurora PostgreSQL, valid capacity values are 2, 4, 8, 16, 32, 64, + // 192, and 384. Capacity *int64 `type:"integer"` // The DB cluster identifier for the cluster being modified. This parameter - // is not case-sensitive. + // isn't case-sensitive. // // Constraints: // @@ -26429,8 +31325,8 @@ type ModifyCurrentDBClusterCapacityInput struct { // ForceApplyCapacityChange, the default, sets the capacity to the specified // value as soon as possible. // - // RollbackCapacityChange ignores the capacity change if a scaling point is - // not found in the timeout period. + // RollbackCapacityChange ignores the capacity change if a scaling point isn't + // found in the timeout period. TimeoutAction *string `type:"string"` } @@ -26791,7 +31687,7 @@ type ModifyDBClusterInput struct { CopyTagsToSnapshot *bool `type:"boolean"` // The DB cluster identifier for the cluster being modified. This parameter - // is not case-sensitive. + // isn't case-sensitive. // // Constraints: This identifier must match the identifier of an existing DB // cluster. @@ -27364,6 +32260,27 @@ type ModifyDBInstanceInput struct { // Indicates the certificate that needs to be associated with the instance. CACertificateIdentifier *string `type:"string"` + // A value that indicates whether the DB instance is restarted when you rotate + // your SSL/TLS certificate. + // + // By default, the DB instance is restarted when you rotate your SSL/TLS certificate. + // The certificate is not updated until the DB instance is restarted. + // + // Set this parameter only if you are not using SSL/TLS to connect to the DB + // instance. + // + // If you are using SSL/TLS to connect to the DB instance, follow the appropriate + // instructions for your DB engine to rotate your SSL/TLS certificate: + // + // * For more information about rotating your SSL/TLS certificate for RDS + // DB engines, see Rotating Your SSL/TLS Certificate. (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) + // in the Amazon RDS User Guide. + // + // * For more information about rotating your SSL/TLS certificate for Aurora + // DB engines, see Rotating Your SSL/TLS Certificate (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) + // in the Amazon Aurora User Guide. + CertificateRotationRestart *bool `type:"boolean"` + // The configuration setting for the log types to be enabled for export to CloudWatch // Logs for a specific DB instance. // @@ -27475,7 +32392,7 @@ type ModifyDBInstanceInput struct { DBSecurityGroups []*string `locationNameList:"DBSecurityGroupName" type:"list"` // The new DB subnet group for the DB instance. You can use this parameter to - // move your DB instance to a different VPC. If your DB instance is not in a + // move your DB instance to a different VPC. If your DB instance isn't in a // VPC, you can also use this parameter to move your DB instance into a VPC. // For more information, see Updating the VPC for a DB Instance (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html#USER_VPC.Non-VPC2VPC) // in the Amazon RDS User Guide. @@ -27747,7 +32664,7 @@ type ModifyDBInstanceInput struct { // A value that indicates whether the DB instance is publicly accessible. When // the DB instance is publicly accessible, it is an Internet-facing instance // with a publicly resolvable DNS name, which resolves to a public IP address. - // When the DB instance is not publicly accessible, it is an internal instance + // When the DB instance isn't publicly accessible, it is an internal instance // with a DNS name that resolves to a private IP address. // // PubliclyAccessible only applies to DB instances in a VPC. The DB instance @@ -27865,6 +32782,12 @@ func (s *ModifyDBInstanceInput) SetCACertificateIdentifier(v string) *ModifyDBIn return s } +// SetCertificateRotationRestart sets the CertificateRotationRestart field's value. +func (s *ModifyDBInstanceInput) SetCertificateRotationRestart(v bool) *ModifyDBInstanceInput { + s.CertificateRotationRestart = &v + return s +} + // SetCloudwatchLogsExportConfiguration sets the CloudwatchLogsExportConfiguration field's value. func (s *ModifyDBInstanceInput) SetCloudwatchLogsExportConfiguration(v *CloudwatchLogsExportConfiguration) *ModifyDBInstanceInput { s.CloudwatchLogsExportConfiguration = v @@ -28114,7 +33037,7 @@ type ModifyDBParameterGroupInput struct { // An array of parameter names, values, and the apply method for the parameter // update. At least one parameter name, value, and apply method must be supplied; - // subsequent arguments are optional. A maximum of 20 parameters can be modified + // later arguments are optional. A maximum of 20 parameters can be modified // in a single request. // // Valid Values (for the application method): immediate | pending-reboot @@ -28165,6 +33088,239 @@ func (s *ModifyDBParameterGroupInput) SetParameters(v []*Parameter) *ModifyDBPar return s } +type ModifyDBProxyInput struct { + _ struct{} `type:"structure"` + + // The new authentication settings for the DBProxy. + Auth []*UserAuthConfig `type:"list"` + + // The identifier for the DBProxy to modify. + // + // DBProxyName is a required field + DBProxyName *string `type:"string" required:"true"` + + // Whether the proxy includes detailed information about SQL statements in its + // logs. This information helps you to debug issues involving SQL behavior or + // the performance and scalability of the proxy connections. The debug information + // includes the text of SQL statements that you submit through the proxy. Thus, + // only enable this setting when needed for debugging, and only when you have + // security measures in place to safeguard any sensitive information that appears + // in the logs. + DebugLogging *bool `type:"boolean"` + + // The number of seconds that a connection to the proxy can be inactive before + // the proxy disconnects it. You can set this value higher or lower than the + // connection timeout limit for the associated database. + IdleClientTimeout *int64 `type:"integer"` + + // The new identifier for the DBProxy. An identifier must begin with a letter + // and must contain only ASCII letters, digits, and hyphens; it can't end with + // a hyphen or contain two consecutive hyphens. + NewDBProxyName *string `type:"string"` + + // Whether Transport Layer Security (TLS) encryption is required for connections + // to the proxy. By enabling this setting, you can enforce encrypted TLS connections + // to the proxy, even if the associated database doesn't use TLS. + RequireTLS *bool `type:"boolean"` + + // The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access + // secrets in AWS Secrets Manager. + RoleArn *string `type:"string"` + + // The new list of security groups for the DBProxy. + SecurityGroups []*string `type:"list"` +} + +// String returns the string representation +func (s ModifyDBProxyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyDBProxyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyDBProxyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyDBProxyInput"} + if s.DBProxyName == nil { + invalidParams.Add(request.NewErrParamRequired("DBProxyName")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAuth sets the Auth field's value. +func (s *ModifyDBProxyInput) SetAuth(v []*UserAuthConfig) *ModifyDBProxyInput { + s.Auth = v + return s +} + +// SetDBProxyName sets the DBProxyName field's value. +func (s *ModifyDBProxyInput) SetDBProxyName(v string) *ModifyDBProxyInput { + s.DBProxyName = &v + return s +} + +// SetDebugLogging sets the DebugLogging field's value. +func (s *ModifyDBProxyInput) SetDebugLogging(v bool) *ModifyDBProxyInput { + s.DebugLogging = &v + return s +} + +// SetIdleClientTimeout sets the IdleClientTimeout field's value. +func (s *ModifyDBProxyInput) SetIdleClientTimeout(v int64) *ModifyDBProxyInput { + s.IdleClientTimeout = &v + return s +} + +// SetNewDBProxyName sets the NewDBProxyName field's value. +func (s *ModifyDBProxyInput) SetNewDBProxyName(v string) *ModifyDBProxyInput { + s.NewDBProxyName = &v + return s +} + +// SetRequireTLS sets the RequireTLS field's value. +func (s *ModifyDBProxyInput) SetRequireTLS(v bool) *ModifyDBProxyInput { + s.RequireTLS = &v + return s +} + +// SetRoleArn sets the RoleArn field's value. +func (s *ModifyDBProxyInput) SetRoleArn(v string) *ModifyDBProxyInput { + s.RoleArn = &v + return s +} + +// SetSecurityGroups sets the SecurityGroups field's value. +func (s *ModifyDBProxyInput) SetSecurityGroups(v []*string) *ModifyDBProxyInput { + s.SecurityGroups = v + return s +} + +type ModifyDBProxyOutput struct { + _ struct{} `type:"structure"` + + // The DBProxy object representing the new settings for the proxy. + DBProxy *DBProxy `type:"structure"` +} + +// String returns the string representation +func (s ModifyDBProxyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyDBProxyOutput) GoString() string { + return s.String() +} + +// SetDBProxy sets the DBProxy field's value. +func (s *ModifyDBProxyOutput) SetDBProxy(v *DBProxy) *ModifyDBProxyOutput { + s.DBProxy = v + return s +} + +type ModifyDBProxyTargetGroupInput struct { + _ struct{} `type:"structure"` + + // The settings that determine the size and behavior of the connection pool + // for the target group. + ConnectionPoolConfig *ConnectionPoolConfiguration `type:"structure"` + + // The name of the new proxy to which to assign the target group. + // + // DBProxyName is a required field + DBProxyName *string `type:"string" required:"true"` + + // The new name for the modified DBProxyTarget. An identifier must begin with + // a letter and must contain only ASCII letters, digits, and hyphens; it can't + // end with a hyphen or contain two consecutive hyphens. + NewName *string `type:"string"` + + // The name of the new target group to assign to the proxy. + // + // TargetGroupName is a required field + TargetGroupName *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyDBProxyTargetGroupInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyDBProxyTargetGroupInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyDBProxyTargetGroupInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyDBProxyTargetGroupInput"} + if s.DBProxyName == nil { + invalidParams.Add(request.NewErrParamRequired("DBProxyName")) + } + if s.TargetGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("TargetGroupName")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetConnectionPoolConfig sets the ConnectionPoolConfig field's value. +func (s *ModifyDBProxyTargetGroupInput) SetConnectionPoolConfig(v *ConnectionPoolConfiguration) *ModifyDBProxyTargetGroupInput { + s.ConnectionPoolConfig = v + return s +} + +// SetDBProxyName sets the DBProxyName field's value. +func (s *ModifyDBProxyTargetGroupInput) SetDBProxyName(v string) *ModifyDBProxyTargetGroupInput { + s.DBProxyName = &v + return s +} + +// SetNewName sets the NewName field's value. +func (s *ModifyDBProxyTargetGroupInput) SetNewName(v string) *ModifyDBProxyTargetGroupInput { + s.NewName = &v + return s +} + +// SetTargetGroupName sets the TargetGroupName field's value. +func (s *ModifyDBProxyTargetGroupInput) SetTargetGroupName(v string) *ModifyDBProxyTargetGroupInput { + s.TargetGroupName = &v + return s +} + +type ModifyDBProxyTargetGroupOutput struct { + _ struct{} `type:"structure"` + + // The settings of the modified DBProxyTarget. + DBProxyTargetGroup *DBProxyTargetGroup `type:"structure"` +} + +// String returns the string representation +func (s ModifyDBProxyTargetGroupOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyDBProxyTargetGroupOutput) GoString() string { + return s.String() +} + +// SetDBProxyTargetGroup sets the DBProxyTargetGroup field's value. +func (s *ModifyDBProxyTargetGroupOutput) SetDBProxyTargetGroup(v *DBProxyTargetGroup) *ModifyDBProxyTargetGroupOutput { + s.DBProxyTargetGroup = v + return s +} + type ModifyDBSnapshotAttributeInput struct { _ struct{} `type:"structure"` @@ -28303,6 +33459,11 @@ type ModifyDBSnapshotInput struct { // * 11.2.0.4.v12 (supported for 11.2.0.2 DB snapshots) // // * 11.2.0.4.v11 (supported for 11.2.0.3 DB snapshots) + // + // PostgreSQL + // + // For the list of engine versions that are available for upgrading a DB snapshot, + // see Upgrading the PostgreSQL DB Engine for Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.PostgreSQL.html#USER_UpgradeDBInstance.PostgreSQL.MajorVersion). EngineVersion *string `type:"string"` // The option group to identify with the upgraded DB snapshot. @@ -28494,7 +33655,7 @@ type ModifyEventSubscriptionInput struct { // The type of source that is generating the events. For example, if you want // to be notified of events generated by a DB instance, you would set this parameter - // to db-instance. if this value is not specified, all events are returned. + // to db-instance. If this value isn't specified, all events are returned. // // Valid values: db-instance | db-parameter-group | db-security-group | db-snapshot SourceType *string `type:"string"` @@ -28591,7 +33752,7 @@ type ModifyGlobalClusterInput struct { DeletionProtection *bool `type:"boolean"` // The DB cluster identifier for the global cluster being modified. This parameter - // is not case-sensitive. + // isn't case-sensitive. // // Constraints: // @@ -29869,7 +35030,7 @@ type PendingMaintenanceAction struct { _ struct{} `type:"structure"` // The type of pending maintenance action that is available for the resource. - // Valid actions are system-update, db-upgrade, and hardware-maintenance. + // Valid actions are system-update, db-upgrade, hardware-maintenance, and ca-certificate-rotation. Action *string `type:"string"` // The date of the maintenance window when the action is applied. The maintenance @@ -30172,7 +35333,7 @@ type PromoteReadReplicaDBClusterInput struct { _ struct{} `type:"structure"` // The identifier of the DB cluster Read Replica to promote. This parameter - // is not case-sensitive. + // isn't case-sensitive. // // Constraints: // @@ -30508,7 +35669,7 @@ type RebootDBInstanceInput struct { // A value that indicates whether the reboot is conducted through a Multi-AZ // failover. // - // Constraint: You can't enable force failover if the instance is not configured + // Constraint: You can't enable force failover if the instance isn't configured // for Multi-AZ. ForceFailover *bool `type:"boolean"` } @@ -30607,6 +35768,95 @@ func (s *RecurringCharge) SetRecurringChargeFrequency(v string) *RecurringCharge return s } +type RegisterDBProxyTargetsInput struct { + _ struct{} `type:"structure"` + + // One or more DB cluster identifiers. + DBClusterIdentifiers []*string `type:"list"` + + // One or more DB instance identifiers. + DBInstanceIdentifiers []*string `type:"list"` + + // The identifier of the DBProxy that is associated with the DBProxyTargetGroup. + // + // DBProxyName is a required field + DBProxyName *string `type:"string" required:"true"` + + // The identifier of the DBProxyTargetGroup. + TargetGroupName *string `type:"string"` +} + +// String returns the string representation +func (s RegisterDBProxyTargetsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RegisterDBProxyTargetsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *RegisterDBProxyTargetsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RegisterDBProxyTargetsInput"} + if s.DBProxyName == nil { + invalidParams.Add(request.NewErrParamRequired("DBProxyName")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDBClusterIdentifiers sets the DBClusterIdentifiers field's value. +func (s *RegisterDBProxyTargetsInput) SetDBClusterIdentifiers(v []*string) *RegisterDBProxyTargetsInput { + s.DBClusterIdentifiers = v + return s +} + +// SetDBInstanceIdentifiers sets the DBInstanceIdentifiers field's value. +func (s *RegisterDBProxyTargetsInput) SetDBInstanceIdentifiers(v []*string) *RegisterDBProxyTargetsInput { + s.DBInstanceIdentifiers = v + return s +} + +// SetDBProxyName sets the DBProxyName field's value. +func (s *RegisterDBProxyTargetsInput) SetDBProxyName(v string) *RegisterDBProxyTargetsInput { + s.DBProxyName = &v + return s +} + +// SetTargetGroupName sets the TargetGroupName field's value. +func (s *RegisterDBProxyTargetsInput) SetTargetGroupName(v string) *RegisterDBProxyTargetsInput { + s.TargetGroupName = &v + return s +} + +type RegisterDBProxyTargetsOutput struct { + _ struct{} `type:"structure"` + + // One or more DBProxyTarget objects that are created when you register targets + // with a target group. + DBProxyTargets []*DBProxyTarget `type:"list"` +} + +// String returns the string representation +func (s RegisterDBProxyTargetsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RegisterDBProxyTargetsOutput) GoString() string { + return s.String() +} + +// SetDBProxyTargets sets the DBProxyTargets field's value. +func (s *RegisterDBProxyTargetsOutput) SetDBProxyTargets(v []*DBProxyTarget) *RegisterDBProxyTargetsOutput { + s.DBProxyTargets = v + return s +} + type RemoveFromGlobalClusterInput struct { _ struct{} `type:"structure"` @@ -32023,6 +37273,9 @@ type RestoreDBClusterFromSnapshotInput struct { // // aws rds describe-db-engine-versions --engine aurora-postgresql --query "DBEngineVersions[].EngineVersion" // + // If you aren't using the default engine version, then you must specify the + // engine version. + // // Aurora MySQL // // Example: 5.6.10a, 5.6.mysql_aurora.1.19.2, 5.7.12, 5.7.mysql_aurora.2.04.5 @@ -32047,8 +37300,8 @@ type RestoreDBClusterFromSnapshotInput struct { // then the restored DB cluster is encrypted using the KMS key that was used // to encrypt the DB snapshot or DB cluster snapshot. // - // * If the DB snapshot or DB cluster snapshot in SnapshotIdentifier is not - // encrypted, then the restored DB cluster is not encrypted. + // * If the DB snapshot or DB cluster snapshot in SnapshotIdentifier isn't + // encrypted, then the restored DB cluster isn't encrypted. KmsKeyId *string `type:"string"` // The name of the option group to use for the restored DB cluster. @@ -32351,10 +37604,10 @@ type RestoreDBClusterToPointInTimeInput struct { // * If the DB cluster is encrypted, then the restored DB cluster is encrypted // using the KMS key that was used to encrypt the source DB cluster. // - // * If the DB cluster is not encrypted, then the restored DB cluster is - // not encrypted. + // * If the DB cluster isn't encrypted, then the restored DB cluster isn't + // encrypted. // - // If DBClusterIdentifier refers to a DB cluster that is not encrypted, then + // If DBClusterIdentifier refers to a DB cluster that isn't encrypted, then // the restore request is rejected. KmsKeyId *string `type:"string"` @@ -32376,7 +37629,7 @@ type RestoreDBClusterToPointInTimeInput struct { // // * Must be before the latest restorable time for the DB instance // - // * Must be specified if UseLatestRestorableTime parameter is not provided + // * Must be specified if UseLatestRestorableTime parameter isn't provided // // * Can't be specified if the UseLatestRestorableTime parameter is enabled // @@ -32415,7 +37668,7 @@ type RestoreDBClusterToPointInTimeInput struct { Tags []*Tag `locationNameList:"Tag" type:"list"` // A value that indicates whether to restore the DB cluster to the latest restorable - // backup time. By default, the DB cluster is not restored to the latest restorable + // backup time. By default, the DB cluster isn't restored to the latest restorable // backup time. // // Constraints: Can't be specified if RestoreToTime parameter is provided. @@ -32740,7 +37993,7 @@ type RestoreDBInstanceFromDBSnapshotInput struct { Engine *string `type:"string"` // Specifies the amount of provisioned IOPS for the DB instance, expressed in - // I/O operations per second. If this parameter is not specified, the IOPS value + // I/O operations per second. If this parameter isn't specified, the IOPS value // is taken from the backup. If this parameter is set to 0, the new instance // is converted to a non-PIOPS instance. The conversion takes additional time, // though your DB instance is available for connections before the conversion @@ -32788,7 +38041,7 @@ type RestoreDBInstanceFromDBSnapshotInput struct { // A value that indicates whether the DB instance is publicly accessible. When // the DB instance is publicly accessible, it is an Internet-facing instance // with a publicly resolvable DNS name, which resolves to a public IP address. - // When the DB instance is not publicly accessible, it is an internal instance + // When the DB instance isn't publicly accessible, it is an internal instance // with a DNS name that resolves to a private IP address. For more information, // see CreateDBInstance. PubliclyAccessible *bool `type:"boolean"` @@ -33088,8 +38341,7 @@ type RestoreDBInstanceFromS3Input struct { // for your engine, see DB Instance Class (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) // in the Amazon RDS User Guide. // - // Importing from Amazon S3 is not supported on the db.t2.micro DB instance - // class. + // Importing from Amazon S3 isn't supported on the db.t2.micro DB instance class. // // DBInstanceClass is a required field DBInstanceClass *string `type:"string" required:"true"` @@ -33301,7 +38553,7 @@ type RestoreDBInstanceFromS3Input struct { // A value that indicates whether the DB instance is publicly accessible. When // the DB instance is publicly accessible, it is an Internet-facing instance // with a publicly resolvable DNS name, which resolves to a public IP address. - // When the DB instance is not publicly accessible, it is an internal instance + // When the DB instance isn't publicly accessible, it is an internal instance // with a DNS name that resolves to a private IP address. For more information, // see CreateDBInstance. PubliclyAccessible *bool `type:"boolean"` @@ -33715,7 +38967,7 @@ type RestoreDBInstanceToPointInTimeInput struct { // The database name for the restored DB instance. // - // This parameter is not used for the MySQL or MariaDB engines. + // This parameter isn't used for the MySQL or MariaDB engines. DBName *string `type:"string"` // The name of the DB parameter group to associate with this DB instance. @@ -33821,7 +39073,7 @@ type RestoreDBInstanceToPointInTimeInput struct { // // SQL Server // - // Setting the IOPS value for the SQL Server database engine is not supported. + // Setting the IOPS value for the SQL Server database engine isn't supported. Iops *int64 `type:"integer"` // License model information for the restored DB instance. @@ -33858,7 +39110,7 @@ type RestoreDBInstanceToPointInTimeInput struct { // A value that indicates whether the DB instance is publicly accessible. When // the DB instance is publicly accessible, it is an Internet-facing instance // with a publicly resolvable DNS name, which resolves to a public IP address. - // When the DB instance is not publicly accessible, it is an internal instance + // When the DB instance isn't publicly accessible, it is an internal instance // with a DNS name that resolves to a private IP address. For more information, // see CreateDBInstance. PubliclyAccessible *bool `type:"boolean"` @@ -33924,8 +39176,8 @@ type RestoreDBInstanceToPointInTimeInput struct { UseDefaultProcessorFeatures *bool `type:"boolean"` // A value that indicates whether the DB instance is restored from the latest - // backup time. By default, the DB instance is not restored from the latest - // backup time. + // backup time. By default, the DB instance isn't restored from the latest backup + // time. // // Constraints: Can't be specified if the RestoreTime parameter is provided. UseLatestRestorableTime *bool `type:"boolean"` @@ -34226,8 +39478,8 @@ type RevokeDBSecurityGroupIngressInput struct { // and either EC2SecurityGroupName or EC2SecurityGroupId must be provided. EC2SecurityGroupName *string `type:"string"` - // The AWS Account Number of the owner of the EC2 security group specified in - // the EC2SecurityGroupName parameter. The AWS Access Key ID is not an acceptable + // The AWS account number of the owner of the EC2 security group specified in + // the EC2SecurityGroupName parameter. The AWS access key ID isn't an acceptable // value. For VPC DB security groups, EC2SecurityGroupId must be provided. Otherwise, // EC2SecurityGroupOwnerId and either EC2SecurityGroupName or EC2SecurityGroupId // must be provided. @@ -34331,14 +39583,22 @@ type ScalingConfiguration struct { // The maximum capacity for an Aurora DB cluster in serverless DB engine mode. // - // Valid capacity values are 1, 2, 4, 8, 16, 32, 64, 128, and 256. + // For Aurora MySQL, valid capacity values are 1, 2, 4, 8, 16, 32, 64, 128, + // and 256. + // + // For Aurora PostgreSQL, valid capacity values are 2, 4, 8, 16, 32, 64, 192, + // and 384. // // The maximum capacity must be greater than or equal to the minimum capacity. MaxCapacity *int64 `type:"integer"` // The minimum capacity for an Aurora DB cluster in serverless DB engine mode. // - // Valid capacity values are 1, 2, 4, 8, 16, 32, 64, 128, and 256. + // For Aurora MySQL, valid capacity values are 1, 2, 4, 8, 16, 32, 64, 128, + // and 256. + // + // For Aurora PostgreSQL, valid capacity values are 2, 4, 8, 16, 32, 64, 192, + // and 384. // // The minimum capacity must be less than or equal to the maximum capacity. MinCapacity *int64 `type:"integer"` @@ -34353,7 +39613,7 @@ type ScalingConfiguration struct { // as possible. // // RollbackCapacityChange, the default, ignores the capacity change if a scaling - // point is not found in the timeout period. + // point isn't found in the timeout period. // // If you specify ForceApplyCapacityChange, connections that prevent Aurora // Serverless from finding a scaling point might be dropped. @@ -34786,6 +40046,307 @@ func (s *StartDBInstanceOutput) SetDBInstance(v *DBInstance) *StartDBInstanceOut return s } +type StartExportTaskInput struct { + _ struct{} `type:"structure"` + + // The data to be exported from the snapshot. If this parameter is not provided, + // all the snapshot data is exported. Valid values are the following: + // + // * database - Export all the data of the snapshot. + // + // * database.table [table-name] - Export a table of the snapshot. + // + // * database.schema [schema-name] - Export a database schema of the snapshot. + // This value isn't valid for RDS for MySQL, RDS for MariaDB, or Aurora MySQL. + // + // * database.schema.table [table-name] - Export a table of the database + // schema. This value isn't valid for RDS for MySQL, RDS for MariaDB, or + // Aurora MySQL. + ExportOnly []*string `type:"list"` + + // A unique identifier for the snapshot export task. This ID isn't an identifier + // for the Amazon S3 bucket where the snapshot is to be exported to. + // + // ExportTaskIdentifier is a required field + ExportTaskIdentifier *string `type:"string" required:"true"` + + // The name of the IAM role to use for writing to the Amazon S3 bucket when + // exporting a snapshot. + // + // IamRoleArn is a required field + IamRoleArn *string `type:"string" required:"true"` + + // The ID of the AWS KMS key to use to encrypt the snapshot exported to Amazon + // S3. The KMS key ID is the Amazon Resource Name (ARN), the KMS key identifier, + // or the KMS key alias for the KMS encryption key. The IAM role used for the + // snapshot export must have encryption and decryption permissions to use this + // KMS key. + // + // KmsKeyId is a required field + KmsKeyId *string `type:"string" required:"true"` + + // The name of the Amazon S3 bucket to export the snapshot to. + // + // S3BucketName is a required field + S3BucketName *string `type:"string" required:"true"` + + // The Amazon S3 bucket prefix to use as the file name and path of the exported + // snapshot. + S3Prefix *string `type:"string"` + + // The Amazon Resource Name (ARN) of the snapshot to export to Amazon S3. + // + // SourceArn is a required field + SourceArn *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s StartExportTaskInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartExportTaskInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartExportTaskInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartExportTaskInput"} + if s.ExportTaskIdentifier == nil { + invalidParams.Add(request.NewErrParamRequired("ExportTaskIdentifier")) + } + if s.IamRoleArn == nil { + invalidParams.Add(request.NewErrParamRequired("IamRoleArn")) + } + if s.KmsKeyId == nil { + invalidParams.Add(request.NewErrParamRequired("KmsKeyId")) + } + if s.S3BucketName == nil { + invalidParams.Add(request.NewErrParamRequired("S3BucketName")) + } + if s.SourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("SourceArn")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetExportOnly sets the ExportOnly field's value. +func (s *StartExportTaskInput) SetExportOnly(v []*string) *StartExportTaskInput { + s.ExportOnly = v + return s +} + +// SetExportTaskIdentifier sets the ExportTaskIdentifier field's value. +func (s *StartExportTaskInput) SetExportTaskIdentifier(v string) *StartExportTaskInput { + s.ExportTaskIdentifier = &v + return s +} + +// SetIamRoleArn sets the IamRoleArn field's value. +func (s *StartExportTaskInput) SetIamRoleArn(v string) *StartExportTaskInput { + s.IamRoleArn = &v + return s +} + +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *StartExportTaskInput) SetKmsKeyId(v string) *StartExportTaskInput { + s.KmsKeyId = &v + return s +} + +// SetS3BucketName sets the S3BucketName field's value. +func (s *StartExportTaskInput) SetS3BucketName(v string) *StartExportTaskInput { + s.S3BucketName = &v + return s +} + +// SetS3Prefix sets the S3Prefix field's value. +func (s *StartExportTaskInput) SetS3Prefix(v string) *StartExportTaskInput { + s.S3Prefix = &v + return s +} + +// SetSourceArn sets the SourceArn field's value. +func (s *StartExportTaskInput) SetSourceArn(v string) *StartExportTaskInput { + s.SourceArn = &v + return s +} + +// Contains the details of a snapshot export to Amazon S3. +// +// This data type is used as a response element in the DescribeExportTasks action. +type StartExportTaskOutput struct { + _ struct{} `type:"structure"` + + // The data exported from the snapshot. Valid values are the following: + // + // * database - Export all the data of the snapshot. + // + // * database.table [table-name] - Export a table of the snapshot. + // + // * database.schema [schema-name] - Export a database schema of the snapshot. + // This value isn't valid for RDS for MySQL, RDS for MariaDB, or Aurora MySQL. + // + // * database.schema.table [table-name] - Export a table of the database + // schema. This value isn't valid for RDS for MySQL, RDS for MariaDB, or + // Aurora MySQL. + ExportOnly []*string `type:"list"` + + // A unique identifier for the snapshot export task. This ID isn't an identifier + // for the Amazon S3 bucket where the snapshot is exported to. + ExportTaskIdentifier *string `type:"string"` + + // The reason the export failed, if it failed. + FailureCause *string `type:"string"` + + // The name of the IAM role that is used to write to Amazon S3 when exporting + // a snapshot. + IamRoleArn *string `type:"string"` + + // The ID of the AWS KMS key that is used to encrypt the snapshot when it's + // exported to Amazon S3. The KMS key ID is the Amazon Resource Name (ARN), + // the KMS key identifier, or the KMS key alias for the KMS encryption key. + // The IAM role used for the snapshot export must have encryption and decryption + // permissions to use this KMS key. + KmsKeyId *string `type:"string"` + + // The progress of the snapshot export task as a percentage. + PercentProgress *int64 `type:"integer"` + + // The Amazon S3 bucket that the snapshot is exported to. + S3Bucket *string `type:"string"` + + // The Amazon S3 bucket prefix that is the file name and path of the exported + // snapshot. + S3Prefix *string `type:"string"` + + // The time that the snapshot was created. + SnapshotTime *time.Time `type:"timestamp"` + + // The Amazon Resource Name (ARN) of the snapshot exported to Amazon S3. + SourceArn *string `type:"string"` + + // The progress status of the export task. + Status *string `type:"string"` + + // The time that the snapshot export task completed. + TaskEndTime *time.Time `type:"timestamp"` + + // The time that the snapshot export task started. + TaskStartTime *time.Time `type:"timestamp"` + + // The total amount of data exported, in gigabytes. + TotalExtractedDataInGB *int64 `type:"integer"` + + // A warning about the snapshot export task. + WarningMessage *string `type:"string"` +} + +// String returns the string representation +func (s StartExportTaskOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartExportTaskOutput) GoString() string { + return s.String() +} + +// SetExportOnly sets the ExportOnly field's value. +func (s *StartExportTaskOutput) SetExportOnly(v []*string) *StartExportTaskOutput { + s.ExportOnly = v + return s +} + +// SetExportTaskIdentifier sets the ExportTaskIdentifier field's value. +func (s *StartExportTaskOutput) SetExportTaskIdentifier(v string) *StartExportTaskOutput { + s.ExportTaskIdentifier = &v + return s +} + +// SetFailureCause sets the FailureCause field's value. +func (s *StartExportTaskOutput) SetFailureCause(v string) *StartExportTaskOutput { + s.FailureCause = &v + return s +} + +// SetIamRoleArn sets the IamRoleArn field's value. +func (s *StartExportTaskOutput) SetIamRoleArn(v string) *StartExportTaskOutput { + s.IamRoleArn = &v + return s +} + +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *StartExportTaskOutput) SetKmsKeyId(v string) *StartExportTaskOutput { + s.KmsKeyId = &v + return s +} + +// SetPercentProgress sets the PercentProgress field's value. +func (s *StartExportTaskOutput) SetPercentProgress(v int64) *StartExportTaskOutput { + s.PercentProgress = &v + return s +} + +// SetS3Bucket sets the S3Bucket field's value. +func (s *StartExportTaskOutput) SetS3Bucket(v string) *StartExportTaskOutput { + s.S3Bucket = &v + return s +} + +// SetS3Prefix sets the S3Prefix field's value. +func (s *StartExportTaskOutput) SetS3Prefix(v string) *StartExportTaskOutput { + s.S3Prefix = &v + return s +} + +// SetSnapshotTime sets the SnapshotTime field's value. +func (s *StartExportTaskOutput) SetSnapshotTime(v time.Time) *StartExportTaskOutput { + s.SnapshotTime = &v + return s +} + +// SetSourceArn sets the SourceArn field's value. +func (s *StartExportTaskOutput) SetSourceArn(v string) *StartExportTaskOutput { + s.SourceArn = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *StartExportTaskOutput) SetStatus(v string) *StartExportTaskOutput { + s.Status = &v + return s +} + +// SetTaskEndTime sets the TaskEndTime field's value. +func (s *StartExportTaskOutput) SetTaskEndTime(v time.Time) *StartExportTaskOutput { + s.TaskEndTime = &v + return s +} + +// SetTaskStartTime sets the TaskStartTime field's value. +func (s *StartExportTaskOutput) SetTaskStartTime(v time.Time) *StartExportTaskOutput { + s.TaskStartTime = &v + return s +} + +// SetTotalExtractedDataInGB sets the TotalExtractedDataInGB field's value. +func (s *StartExportTaskOutput) SetTotalExtractedDataInGB(v int64) *StartExportTaskOutput { + s.TotalExtractedDataInGB = &v + return s +} + +// SetWarningMessage sets the WarningMessage field's value. +func (s *StartExportTaskOutput) SetWarningMessage(v string) *StartExportTaskOutput { + s.WarningMessage = &v + return s +} + type StopActivityStreamInput struct { _ struct{} `type:"structure"` @@ -35188,6 +40749,146 @@ func (s *UpgradeTarget) SetIsMajorVersionUpgrade(v bool) *UpgradeTarget { return s } +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Specifies the details of authentication used by a proxy to log in as a specific +// database user. +type UserAuthConfig struct { + _ struct{} `type:"structure"` + + // The type of authentication that the proxy uses for connections from the proxy + // to the underlying database. + AuthScheme *string `type:"string" enum:"AuthScheme"` + + // A user-specified description about the authentication used by a proxy to + // log in as a specific database user. + Description *string `type:"string"` + + // Whether to require or disallow AWS Identity and Access Management (IAM) authentication + // for connections to the proxy. + IAMAuth *string `type:"string" enum:"IAMAuthMode"` + + // The Amazon Resource Name (ARN) representing the secret that the proxy uses + // to authenticate to the RDS DB instance or Aurora DB cluster. These secrets + // are stored within Amazon Secrets Manager. + SecretArn *string `type:"string"` + + // The name of the database user to which the proxy connects. + UserName *string `type:"string"` +} + +// String returns the string representation +func (s UserAuthConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UserAuthConfig) GoString() string { + return s.String() +} + +// SetAuthScheme sets the AuthScheme field's value. +func (s *UserAuthConfig) SetAuthScheme(v string) *UserAuthConfig { + s.AuthScheme = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *UserAuthConfig) SetDescription(v string) *UserAuthConfig { + s.Description = &v + return s +} + +// SetIAMAuth sets the IAMAuth field's value. +func (s *UserAuthConfig) SetIAMAuth(v string) *UserAuthConfig { + s.IAMAuth = &v + return s +} + +// SetSecretArn sets the SecretArn field's value. +func (s *UserAuthConfig) SetSecretArn(v string) *UserAuthConfig { + s.SecretArn = &v + return s +} + +// SetUserName sets the UserName field's value. +func (s *UserAuthConfig) SetUserName(v string) *UserAuthConfig { + s.UserName = &v + return s +} + +// +// This is prerelease documentation for the RDS Database Proxy feature in preview +// release. It is subject to change. +// +// Returns the details of authentication used by a proxy to log in as a specific +// database user. +type UserAuthConfigInfo struct { + _ struct{} `type:"structure"` + + // The type of authentication that the proxy uses for connections from the proxy + // to the underlying database. + AuthScheme *string `type:"string" enum:"AuthScheme"` + + // A user-specified description about the authentication used by a proxy to + // log in as a specific database user. + Description *string `type:"string"` + + // Whether to require or disallow AWS Identity and Access Management (IAM) authentication + // for connections to the proxy. + IAMAuth *string `type:"string" enum:"IAMAuthMode"` + + // The Amazon Resource Name (ARN) representing the secret that the proxy uses + // to authenticate to the RDS DB instance or Aurora DB cluster. These secrets + // are stored within Amazon Secrets Manager. + SecretArn *string `type:"string"` + + // The name of the database user to which the proxy connects. + UserName *string `type:"string"` +} + +// String returns the string representation +func (s UserAuthConfigInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UserAuthConfigInfo) GoString() string { + return s.String() +} + +// SetAuthScheme sets the AuthScheme field's value. +func (s *UserAuthConfigInfo) SetAuthScheme(v string) *UserAuthConfigInfo { + s.AuthScheme = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *UserAuthConfigInfo) SetDescription(v string) *UserAuthConfigInfo { + s.Description = &v + return s +} + +// SetIAMAuth sets the IAMAuth field's value. +func (s *UserAuthConfigInfo) SetIAMAuth(v string) *UserAuthConfigInfo { + s.IAMAuth = &v + return s +} + +// SetSecretArn sets the SecretArn field's value. +func (s *UserAuthConfigInfo) SetSecretArn(v string) *UserAuthConfigInfo { + s.SecretArn = &v + return s +} + +// SetUserName sets the UserName field's value. +func (s *UserAuthConfigInfo) SetUserName(v string) *UserAuthConfigInfo { + s.UserName = &v + return s +} + // Information about valid modifications that you can make to your DB instance. // Contains the result of a successful call to the DescribeValidDBInstanceModifications // action. You can use this information when you call ModifyDBInstance. @@ -35322,6 +41023,80 @@ func (s *VpcSecurityGroupMembership) SetVpcSecurityGroupId(v string) *VpcSecurit return s } +// Information about the virtual private network (VPN) between the VMware vSphere +// cluster and the AWS website. +// +// For more information about RDS on VMware, see the RDS on VMware User Guide. +// (https://docs.aws.amazon.com/AmazonRDS/latest/RDSonVMwareUserGuide/rds-on-vmware.html) +type VpnDetails struct { + _ struct{} `type:"structure"` + + // The IP address of network traffic from AWS to your on-premises data center. + VpnGatewayIp *string `type:"string"` + + // The ID of the VPN. + VpnId *string `type:"string"` + + // The name of the VPN. + VpnName *string `type:"string"` + + // The preshared key (PSK) for the VPN. + VpnPSK *string `type:"string" sensitive:"true"` + + // The state of the VPN. + VpnState *string `type:"string"` + + // The IP address of network traffic from your on-premises data center. A custom + // AZ receives the network traffic. + VpnTunnelOriginatorIP *string `type:"string"` +} + +// String returns the string representation +func (s VpnDetails) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s VpnDetails) GoString() string { + return s.String() +} + +// SetVpnGatewayIp sets the VpnGatewayIp field's value. +func (s *VpnDetails) SetVpnGatewayIp(v string) *VpnDetails { + s.VpnGatewayIp = &v + return s +} + +// SetVpnId sets the VpnId field's value. +func (s *VpnDetails) SetVpnId(v string) *VpnDetails { + s.VpnId = &v + return s +} + +// SetVpnName sets the VpnName field's value. +func (s *VpnDetails) SetVpnName(v string) *VpnDetails { + s.VpnName = &v + return s +} + +// SetVpnPSK sets the VpnPSK field's value. +func (s *VpnDetails) SetVpnPSK(v string) *VpnDetails { + s.VpnPSK = &v + return s +} + +// SetVpnState sets the VpnState field's value. +func (s *VpnDetails) SetVpnState(v string) *VpnDetails { + s.VpnState = &v + return s +} + +// SetVpnTunnelOriginatorIP sets the VpnTunnelOriginatorIP field's value. +func (s *VpnDetails) SetVpnTunnelOriginatorIP(v string) *VpnDetails { + s.VpnTunnelOriginatorIP = &v + return s +} + const ( // ActivityStreamModeSync is a ActivityStreamMode enum value ActivityStreamModeSync = "sync" @@ -35352,6 +41127,44 @@ const ( ApplyMethodPendingReboot = "pending-reboot" ) +const ( + // AuthSchemeSecrets is a AuthScheme enum value + AuthSchemeSecrets = "SECRETS" +) + +const ( + // DBProxyStatusAvailable is a DBProxyStatus enum value + DBProxyStatusAvailable = "available" + + // DBProxyStatusModifying is a DBProxyStatus enum value + DBProxyStatusModifying = "modifying" + + // DBProxyStatusIncompatibleNetwork is a DBProxyStatus enum value + DBProxyStatusIncompatibleNetwork = "incompatible-network" + + // DBProxyStatusInsufficientResourceLimits is a DBProxyStatus enum value + DBProxyStatusInsufficientResourceLimits = "insufficient-resource-limits" + + // DBProxyStatusCreating is a DBProxyStatus enum value + DBProxyStatusCreating = "creating" + + // DBProxyStatusDeleting is a DBProxyStatus enum value + DBProxyStatusDeleting = "deleting" +) + +const ( + // EngineFamilyMysql is a EngineFamily enum value + EngineFamilyMysql = "MYSQL" +) + +const ( + // IAMAuthModeDisabled is a IAMAuthMode enum value + IAMAuthModeDisabled = "DISABLED" + + // IAMAuthModeRequired is a IAMAuthMode enum value + IAMAuthModeRequired = "REQUIRED" +) + const ( // SourceTypeDbInstance is a SourceType enum value SourceTypeDbInstance = "db-instance" @@ -35371,3 +41184,14 @@ const ( // SourceTypeDbClusterSnapshot is a SourceType enum value SourceTypeDbClusterSnapshot = "db-cluster-snapshot" ) + +const ( + // TargetTypeRdsInstance is a TargetType enum value + TargetTypeRdsInstance = "RDS_INSTANCE" + + // TargetTypeRdsServerlessEndpoint is a TargetType enum value + TargetTypeRdsServerlessEndpoint = "RDS_SERVERLESS_ENDPOINT" + + // TargetTypeTrackedCluster is a TargetType enum value + TargetTypeTrackedCluster = "TRACKED_CLUSTER" +) diff --git a/vendor/github.com/aws/aws-sdk-go/service/rds/doc.go b/vendor/github.com/aws/aws-sdk-go/service/rds/doc.go index bf5140b..85e0405 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/rds/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/rds/doc.go @@ -6,9 +6,9 @@ // // Amazon Relational Database Service (Amazon RDS) is a web service that makes // it easier to set up, operate, and scale a relational database in the cloud. -// It provides cost-efficient, resizable capacity for an industry-standard relational -// database and manages common database administration tasks, freeing up developers -// to focus on what makes their applications and businesses unique. +// It provides cost-efficient, resizeable capacity for an industry-standard +// relational database and manages common database administration tasks, freeing +// up developers to focus on what makes their applications and businesses unique. // // Amazon RDS gives you access to the capabilities of a MySQL, MariaDB, PostgreSQL, // Microsoft SQL Server, Oracle, or Amazon Aurora database server. These capabilities @@ -21,13 +21,13 @@ // and you pay only for the resources you use. // // This interface reference for Amazon RDS contains documentation for a programming -// or command line interface you can use to manage Amazon RDS. Note that Amazon -// RDS is asynchronous, which means that some interfaces might require techniques -// such as polling or callback functions to determine when a command has been -// applied. In this reference, the parameter descriptions indicate whether a -// command is applied immediately, on the next instance reboot, or during the -// maintenance window. The reference structure is as follows, and we list following -// some related topics from the user guide. +// or command line interface you can use to manage Amazon RDS. Amazon RDS is +// asynchronous, which means that some interfaces might require techniques such +// as polling or callback functions to determine when a command has been applied. +// In this reference, the parameter descriptions indicate whether a command +// is applied immediately, on the next instance reboot, or during the maintenance +// window. The reference structure is as follows, and we list following some +// related topics from the user guide. // // Amazon RDS API Reference // diff --git a/vendor/github.com/aws/aws-sdk-go/service/rds/errors.go b/vendor/github.com/aws/aws-sdk-go/service/rds/errors.go index 86ee244..b37ba24 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/rds/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/rds/errors.go @@ -7,18 +7,18 @@ const ( // ErrCodeAuthorizationAlreadyExistsFault for service response error code // "AuthorizationAlreadyExists". // - // The specified CIDRIP or Amazon EC2 security group is already authorized for - // the specified DB security group. + // The specified CIDR IP range or Amazon EC2 security group is already authorized + // for the specified DB security group. ErrCodeAuthorizationAlreadyExistsFault = "AuthorizationAlreadyExists" // ErrCodeAuthorizationNotFoundFault for service response error code // "AuthorizationNotFound". // - // The specified CIDRIP or Amazon EC2 security group isn't authorized for the - // specified DB security group. + // The specified CIDR IP range or Amazon EC2 security group might not be authorized + // for the specified DB security group. // - // RDS also may not be authorized by using IAM to perform necessary actions - // on your behalf. + // Or, RDS might not be authorized to perform necessary actions using IAM on + // your behalf. ErrCodeAuthorizationNotFoundFault = "AuthorizationNotFound" // ErrCodeAuthorizationQuotaExceededFault for service response error code @@ -37,6 +37,26 @@ const ( // CertificateIdentifier doesn't refer to an existing certificate. ErrCodeCertificateNotFoundFault = "CertificateNotFound" + // ErrCodeCustomAvailabilityZoneAlreadyExistsFault for service response error code + // "CustomAvailabilityZoneAlreadyExists". + // + // CustomAvailabilityZoneName is already used by an existing custom Availability + // Zone. + ErrCodeCustomAvailabilityZoneAlreadyExistsFault = "CustomAvailabilityZoneAlreadyExists" + + // ErrCodeCustomAvailabilityZoneNotFoundFault for service response error code + // "CustomAvailabilityZoneNotFound". + // + // CustomAvailabilityZoneId doesn't refer to an existing custom Availability + // Zone identifier. + ErrCodeCustomAvailabilityZoneNotFoundFault = "CustomAvailabilityZoneNotFound" + + // ErrCodeCustomAvailabilityZoneQuotaExceededFault for service response error code + // "CustomAvailabilityZoneQuotaExceeded". + // + // You have exceeded the maximum number of custom Availability Zones. + ErrCodeCustomAvailabilityZoneQuotaExceededFault = "CustomAvailabilityZoneQuotaExceeded" + // ErrCodeDBClusterAlreadyExistsFault for service response error code // "DBClusterAlreadyExistsFault". // @@ -156,7 +176,7 @@ const ( // ErrCodeDBInstanceRoleNotFoundFault for service response error code // "DBInstanceRoleNotFound". // - // The specified RoleArn value doesn't match the specifed feature for the DB + // The specified RoleArn value doesn't match the specified feature for the DB // instance. ErrCodeDBInstanceRoleNotFoundFault = "DBInstanceRoleNotFound" @@ -192,6 +212,48 @@ const ( // groups. ErrCodeDBParameterGroupQuotaExceededFault = "DBParameterGroupQuotaExceeded" + // ErrCodeDBProxyAlreadyExistsFault for service response error code + // "DBProxyAlreadyExistsFault". + // + // The specified proxy name must be unique for all proxies owned by your AWS + // account in the specified AWS Region. + ErrCodeDBProxyAlreadyExistsFault = "DBProxyAlreadyExistsFault" + + // ErrCodeDBProxyNotFoundFault for service response error code + // "DBProxyNotFoundFault". + // + // The specified proxy name doesn't correspond to a proxy owned by your AWS + // accoutn in the specified AWS Region. + ErrCodeDBProxyNotFoundFault = "DBProxyNotFoundFault" + + // ErrCodeDBProxyQuotaExceededFault for service response error code + // "DBProxyQuotaExceededFault". + // + // Your AWS account already has the maximum number of proxies in the specified + // AWS Region. + ErrCodeDBProxyQuotaExceededFault = "DBProxyQuotaExceededFault" + + // ErrCodeDBProxyTargetAlreadyRegisteredFault for service response error code + // "DBProxyTargetAlreadyRegisteredFault". + // + // The proxy is already associated with the specified RDS DB instance or Aurora + // DB cluster. + ErrCodeDBProxyTargetAlreadyRegisteredFault = "DBProxyTargetAlreadyRegisteredFault" + + // ErrCodeDBProxyTargetGroupNotFoundFault for service response error code + // "DBProxyTargetGroupNotFoundFault". + // + // The specified target group isn't available for a proxy owned by your AWS + // account in the specified AWS Region. + ErrCodeDBProxyTargetGroupNotFoundFault = "DBProxyTargetGroupNotFoundFault" + + // ErrCodeDBProxyTargetNotFoundFault for service response error code + // "DBProxyTargetNotFoundFault". + // + // The specified RDS DB instance or Aurora DB cluster isn't available for a + // proxy owned by your AWS account in the specified AWS Region. + ErrCodeDBProxyTargetNotFoundFault = "DBProxyTargetNotFoundFault" + // ErrCodeDBSecurityGroupAlreadyExistsFault for service response error code // "DBSecurityGroupAlreadyExists". // @@ -288,6 +350,18 @@ const ( // You have reached the maximum number of event subscriptions. ErrCodeEventSubscriptionQuotaExceededFault = "EventSubscriptionQuotaExceeded" + // ErrCodeExportTaskAlreadyExistsFault for service response error code + // "ExportTaskAlreadyExists". + // + // You can't start an export task that's already running. + ErrCodeExportTaskAlreadyExistsFault = "ExportTaskAlreadyExists" + + // ErrCodeExportTaskNotFoundFault for service response error code + // "ExportTaskNotFound". + // + // The export task doesn't exist. + ErrCodeExportTaskNotFoundFault = "ExportTaskNotFound" + // ErrCodeGlobalClusterAlreadyExistsFault for service response error code // "GlobalClusterAlreadyExistsFault". ErrCodeGlobalClusterAlreadyExistsFault = "GlobalClusterAlreadyExistsFault" @@ -300,6 +374,30 @@ const ( // "GlobalClusterQuotaExceededFault". ErrCodeGlobalClusterQuotaExceededFault = "GlobalClusterQuotaExceededFault" + // ErrCodeIamRoleMissingPermissionsFault for service response error code + // "IamRoleMissingPermissions". + // + // The IAM role requires additional permissions to export to an Amazon S3 bucket. + ErrCodeIamRoleMissingPermissionsFault = "IamRoleMissingPermissions" + + // ErrCodeIamRoleNotFoundFault for service response error code + // "IamRoleNotFound". + // + // The IAM role is missing for exporting to an Amazon S3 bucket. + ErrCodeIamRoleNotFoundFault = "IamRoleNotFound" + + // ErrCodeInstallationMediaAlreadyExistsFault for service response error code + // "InstallationMediaAlreadyExists". + // + // The specified installation medium has already been imported. + ErrCodeInstallationMediaAlreadyExistsFault = "InstallationMediaAlreadyExists" + + // ErrCodeInstallationMediaNotFoundFault for service response error code + // "InstallationMediaNotFound". + // + // InstallationMediaID doesn't refer to an existing installation medium. + ErrCodeInstallationMediaNotFoundFault = "InstallationMediaNotFound" + // ErrCodeInstanceQuotaExceededFault for service response error code // "InstanceQuotaExceeded". // @@ -374,6 +472,12 @@ const ( // is in this state. ErrCodeInvalidDBParameterGroupStateFault = "InvalidDBParameterGroupState" + // ErrCodeInvalidDBProxyStateFault for service response error code + // "InvalidDBProxyStateFault". + // + // The requested operation can't be performed while the proxy is in this state. + ErrCodeInvalidDBProxyStateFault = "InvalidDBProxyStateFault" + // ErrCodeInvalidDBSecurityGroupStateFault for service response error code // "InvalidDBSecurityGroupState". // @@ -412,6 +516,25 @@ const ( // retry the action. ErrCodeInvalidEventSubscriptionStateFault = "InvalidEventSubscriptionState" + // ErrCodeInvalidExportOnlyFault for service response error code + // "InvalidExportOnly". + // + // The export is invalid for exporting to an Amazon S3 bucket. + ErrCodeInvalidExportOnlyFault = "InvalidExportOnly" + + // ErrCodeInvalidExportSourceStateFault for service response error code + // "InvalidExportSourceState". + // + // The state of the export snapshot is invalid for exporting to an Amazon S3 + // bucket. + ErrCodeInvalidExportSourceStateFault = "InvalidExportSourceState" + + // ErrCodeInvalidExportTaskStateFault for service response error code + // "InvalidExportTaskStateFault". + // + // You can't cancel an export task that has completed. + ErrCodeInvalidExportTaskStateFault = "InvalidExportTaskStateFault" + // ErrCodeInvalidGlobalClusterStateFault for service response error code // "InvalidGlobalClusterStateFault". ErrCodeInvalidGlobalClusterStateFault = "InvalidGlobalClusterStateFault" diff --git a/vendor/github.com/aws/aws-sdk-go/service/rds/service.go b/vendor/github.com/aws/aws-sdk-go/service/rds/service.go index f2d0efa..656abea 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/rds/service.go +++ b/vendor/github.com/aws/aws-sdk-go/service/rds/service.go @@ -31,7 +31,7 @@ var initRequest func(*request.Request) const ( ServiceName = "rds" // Name of service. EndpointsID = ServiceName // ID to lookup a service endpoint with. - ServiceID = "RDS" // ServiceID is a unique identifer of a specific service. + ServiceID = "RDS" // ServiceID is a unique identifier of a specific service. ) // New creates a new instance of the RDS client with a session. @@ -39,6 +39,8 @@ const ( // aws.Config parameter to add your extra config. // // Example: +// mySession := session.Must(session.NewSession()) +// // // Create a RDS client from just a session. // svc := rds.New(mySession) // @@ -46,11 +48,11 @@ const ( // svc := rds.New(mySession, aws.NewConfig().WithRegion("us-west-2")) func New(p client.ConfigProvider, cfgs ...*aws.Config) *RDS { c := p.ClientConfig(EndpointsID, cfgs...) - return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName) + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) } // newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *RDS { +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *RDS { svc := &RDS{ Client: client.New( cfg, @@ -59,6 +61,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio ServiceID: ServiceID, SigningName: signingName, SigningRegion: signingRegion, + PartitionID: partitionID, Endpoint: endpoint, APIVersion: "2014-10-31", }, diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go index eb0a6a4..7f60d4a 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go @@ -78,6 +78,8 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) // in the IAM User Guide. // +// Session Duration +// // By default, the temporary security credentials created by AssumeRole last // for one hour. However, you can use the optional DurationSeconds parameter // to specify the duration of your session. You can provide a value from 900 @@ -91,6 +93,8 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) // in the IAM User Guide. // +// Permissions +// // The temporary security credentials created by AssumeRole can be used to make // API calls to any AWS service with the following exception: You cannot call // the AWS STS GetFederationToken or GetSessionToken API operations. @@ -99,7 +103,7 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // to this operation. You can pass a single JSON policy document to use as an // inline session policy. You can also specify up to 10 managed policies to // use as managed session policies. The plain text that you use for both inline -// and managed session policies shouldn't exceed 2048 characters. Passing policies +// and managed session policies can't exceed 2,048 characters. Passing policies // to this operation returns new temporary credentials. The resulting session's // permissions are the intersection of the role's identity-based policy and // the session policies. You can use the role's temporary credentials in subsequent @@ -131,6 +135,24 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // see IAM Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) // in the IAM User Guide. // +// Tags +// +// (Optional) You can pass tag key-value pairs to your session. These tags are +// called session tags. For more information about session tags, see Passing +// Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// An administrator must grant you the permissions necessary to pass session +// tags. The administrator can also create granular permissions to allow you +// to pass only specific session tags. For more information, see Tutorial: Using +// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html) +// in the IAM User Guide. +// +// You can set the session tags as transitive. Transitive tags persist during +// role chaining. For more information, see Chaining Roles with Session Tags +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) +// in the IAM User Guide. +// // Using MFA with AssumeRole // // (Optional) You can include multi-factor authentication (MFA) information @@ -165,9 +187,18 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // message describes the specific error. // // * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the policy document was too large. The error -// message describes how big the policy document is, in packed form, as a percentage -// of what the API allows. +// The request was rejected because the total packed size of the session policies +// and session tags combined was too large. An AWS conversion compresses the +// session policy document, session policy ARNs, and session tags into a packed +// binary format that has a separate limit. The error message indicates by percentage +// how close the policies and tags are to the upper size limit. For more information, +// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You could receive this error even though you meet other defined session policy +// and session tag limits. For more information, see IAM and STS Entity Character +// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. // // * ErrCodeRegionDisabledException "RegionDisabledException" // STS is not activated in the requested region for the account that is being @@ -256,6 +287,8 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // an access key ID, a secret access key, and a security token. Applications // can use these temporary security credentials to sign calls to AWS services. // +// Session Duration +// // By default, the temporary security credentials created by AssumeRoleWithSAML // last for one hour. However, you can use the optional DurationSeconds parameter // to specify the duration of your session. Your role session lasts for the @@ -271,6 +304,8 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) // in the IAM User Guide. // +// Permissions +// // The temporary security credentials created by AssumeRoleWithSAML can be used // to make API calls to any AWS service with the following exception: you cannot // call the STS GetFederationToken or GetSessionToken API operations. @@ -279,7 +314,7 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // to this operation. You can pass a single JSON policy document to use as an // inline session policy. You can also specify up to 10 managed policies to // use as managed session policies. The plain text that you use for both inline -// and managed session policies shouldn't exceed 2048 characters. Passing policies +// and managed session policies can't exceed 2,048 characters. Passing policies // to this operation returns new temporary credentials. The resulting session's // permissions are the intersection of the role's identity-based policy and // the session policies. You can use the role's temporary credentials in subsequent @@ -289,12 +324,6 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // -// Before your application can call AssumeRoleWithSAML, you must configure your -// SAML identity provider (IdP) to issue the claims required by AWS. Additionally, -// you must use AWS Identity and Access Management (IAM) to create a SAML provider -// entity in your AWS account that represents your identity provider. You must -// also create an IAM role that specifies this SAML provider in its trust policy. -// // Calling AssumeRoleWithSAML does not require the use of AWS security credentials. // The identity of the caller is validated by using keys in the metadata document // that is uploaded for the SAML provider entity for your identity provider. @@ -302,8 +331,50 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // Calling AssumeRoleWithSAML can result in an entry in your AWS CloudTrail // logs. The entry includes the value in the NameID element of the SAML assertion. // We recommend that you use a NameIDType that is not associated with any personally -// identifiable information (PII). For example, you could instead use the Persistent -// Identifier (urn:oasis:names:tc:SAML:2.0:nameid-format:persistent). +// identifiable information (PII). For example, you could instead use the persistent +// identifier (urn:oasis:names:tc:SAML:2.0:nameid-format:persistent). +// +// Tags +// +// (Optional) You can configure your IdP to pass attributes into your SAML assertion +// as session tags. Each session tag consists of a key name and an associated +// value. For more information about session tags, see Passing Session Tags +// in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You can pass up to 50 session tags. The plain text session tag keys can’t +// exceed 128 characters and the values can’t exceed 256 characters. For these +// and additional limits, see IAM and STS Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) +// in the IAM User Guide. +// +// An AWS conversion compresses the passed session policies and session tags +// into a packed binary format that has a separate limit. Your request can fail +// for this limit even if your plain text meets the other requirements. The +// PackedPolicySize response element indicates by percentage how close the policies +// and tags for your request are to the upper size limit. +// +// You can pass a session tag with the same key as a tag that is attached to +// the role. When you do, session tags override the role's tags with the same +// key. +// +// An administrator must grant you the permissions necessary to pass session +// tags. The administrator can also create granular permissions to allow you +// to pass only specific session tags. For more information, see Tutorial: Using +// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html) +// in the IAM User Guide. +// +// You can set the session tags as transitive. Transitive tags persist during +// role chaining. For more information, see Chaining Roles with Session Tags +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) +// in the IAM User Guide. +// +// SAML Configuration +// +// Before your application can call AssumeRoleWithSAML, you must configure your +// SAML identity provider (IdP) to issue the claims required by AWS. Additionally, +// you must use AWS Identity and Access Management (IAM) to create a SAML provider +// entity in your AWS account that represents your identity provider. You must +// also create an IAM role that specifies this SAML provider in its trust policy. // // For more information, see the following resources: // @@ -332,9 +403,18 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // message describes the specific error. // // * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the policy document was too large. The error -// message describes how big the policy document is, in packed form, as a percentage -// of what the API allows. +// The request was rejected because the total packed size of the session policies +// and session tags combined was too large. An AWS conversion compresses the +// session policy document, session policy ARNs, and session tags into a packed +// binary format that has a separate limit. The error message indicates by percentage +// how close the policies and tags are to the upper size limit. For more information, +// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You could receive this error even though you meet other defined session policy +// and session tag limits. For more information, see IAM and STS Entity Character +// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. // // * ErrCodeIDPRejectedClaimException "IDPRejectedClaim" // The identity provider (IdP) reported that authentication failed. This might @@ -456,6 +536,8 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // key ID, a secret access key, and a security token. Applications can use these // temporary security credentials to sign calls to AWS service API operations. // +// Session Duration +// // By default, the temporary security credentials created by AssumeRoleWithWebIdentity // last for one hour. However, you can use the optional DurationSeconds parameter // to specify the duration of your session. You can provide a value from 900 @@ -469,6 +551,8 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) // in the IAM User Guide. // +// Permissions +// // The temporary security credentials created by AssumeRoleWithWebIdentity can // be used to make API calls to any AWS service with the following exception: // you cannot call the STS GetFederationToken or GetSessionToken API operations. @@ -477,7 +561,7 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // to this operation. You can pass a single JSON policy document to use as an // inline session policy. You can also specify up to 10 managed policies to // use as managed session policies. The plain text that you use for both inline -// and managed session policies shouldn't exceed 2048 characters. Passing policies +// and managed session policies can't exceed 2,048 characters. Passing policies // to this operation returns new temporary credentials. The resulting session's // permissions are the intersection of the role's identity-based policy and // the session policies. You can use the role's temporary credentials in subsequent @@ -487,6 +571,42 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // +// Tags +// +// (Optional) You can configure your IdP to pass attributes into your web identity +// token as session tags. Each session tag consists of a key name and an associated +// value. For more information about session tags, see Passing Session Tags +// in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You can pass up to 50 session tags. The plain text session tag keys can’t +// exceed 128 characters and the values can’t exceed 256 characters. For these +// and additional limits, see IAM and STS Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) +// in the IAM User Guide. +// +// An AWS conversion compresses the passed session policies and session tags +// into a packed binary format that has a separate limit. Your request can fail +// for this limit even if your plain text meets the other requirements. The +// PackedPolicySize response element indicates by percentage how close the policies +// and tags for your request are to the upper size limit. +// +// You can pass a session tag with the same key as a tag that is attached to +// the role. When you do, the session tag overrides the role tag with the same +// key. +// +// An administrator must grant you the permissions necessary to pass session +// tags. The administrator can also create granular permissions to allow you +// to pass only specific session tags. For more information, see Tutorial: Using +// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html) +// in the IAM User Guide. +// +// You can set the session tags as transitive. Transitive tags persist during +// role chaining. For more information, see Chaining Roles with Session Tags +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) +// in the IAM User Guide. +// +// Identities +// // Before your application can call AssumeRoleWithWebIdentity, you must have // an identity token from a supported identity provider and create a role that // the application can assume. The role that your application assumes must trust @@ -514,8 +634,8 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // * AWS SDK for iOS Developer Guide (http://aws.amazon.com/sdkforios/) and // AWS SDK for Android Developer Guide (http://aws.amazon.com/sdkforandroid/). // These toolkits contain sample apps that show how to invoke the identity -// providers, and then how to use the information from these providers to -// get and use temporary security credentials. +// providers. The toolkits then show how to use the information from these +// providers to get and use temporary security credentials. // // * Web Identity Federation with Mobile Applications (http://aws.amazon.com/articles/web-identity-federation-with-mobile-applications). // This article discusses web identity federation and shows an example of @@ -535,9 +655,18 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // message describes the specific error. // // * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the policy document was too large. The error -// message describes how big the policy document is, in packed form, as a percentage -// of what the API allows. +// The request was rejected because the total packed size of the session policies +// and session tags combined was too large. An AWS conversion compresses the +// session policy document, session policy ARNs, and session tags into a packed +// binary format that has a separate limit. The error message indicates by percentage +// how close the policies and tags are to the upper size limit. For more information, +// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You could receive this error even though you meet other defined session policy +// and session tag limits. For more information, see IAM and STS Entity Character +// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. // // * ErrCodeIDPRejectedClaimException "IDPRejectedClaim" // The identity provider (IdP) reported that authentication failed. This might @@ -547,11 +676,11 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // can also mean that the claim has expired or has been explicitly revoked. // // * ErrCodeIDPCommunicationErrorException "IDPCommunicationError" -// The request could not be fulfilled because the non-AWS identity provider -// (IDP) that was asked to verify the incoming identity token could not be reached. -// This is often a transient error caused by network conditions. Retry the request +// The request could not be fulfilled because the identity provider (IDP) that +// was asked to verify the incoming identity token could not be reached. This +// is often a transient error caused by network conditions. Retry the request // a limited number of times so that you don't exceed the request rate. If the -// error persists, the non-AWS identity provider might be down or not responding. +// error persists, the identity provider might be down or not responding. // // * ErrCodeInvalidIdentityTokenException "InvalidIdentityToken" // The web identity token that was passed could not be validated by AWS. Get @@ -763,7 +892,8 @@ func (c *STS) GetAccessKeyInfoRequest(input *GetAccessKeyInfoInput) (req *reques // pull a credentials report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html) // to learn which IAM user owns the keys. To learn who requested the temporary // credentials for an ASIA access key, view the STS events in your CloudTrail -// logs (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html). +// logs (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html) +// in the IAM User Guide. // // This operation does not indicate the state of the access key. The key might // be active, inactive, or deleted. Active keys might not have permissions to @@ -850,7 +980,8 @@ func (c *STS) GetCallerIdentityRequest(input *GetCallerIdentityInput) (req *requ // sts:GetCallerIdentity action, you can still perform this operation. Permissions // are not required because the same information is returned when an IAM user // or role is denied access. To view an example response, see I Am Not Authorized -// to Perform: iam:DeleteVirtualMFADevice (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa). +// to Perform: iam:DeleteVirtualMFADevice (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa) +// in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -942,7 +1073,8 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // or an OpenID Connect-compatible identity provider. In this case, we recommend // that you use Amazon Cognito (http://aws.amazon.com/cognito/) or AssumeRoleWithWebIdentity. // For more information, see Federation Through a Web-based Identity Provider -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity). +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity) +// in the IAM User Guide. // // You can also call GetFederationToken using the security credentials of an // AWS account root user, but we do not recommend it. Instead, we recommend @@ -952,41 +1084,67 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // Practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) // in the IAM User Guide. // +// Session duration +// // The temporary credentials are valid for the specified duration, from 900 // seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default -// is 43,200 seconds (12 hours). Temporary credentials that are obtained by -// using AWS account root user credentials have a maximum duration of 3,600 -// seconds (1 hour). +// session duration is 43,200 seconds (12 hours). Temporary credentials that +// are obtained by using AWS account root user credentials have a maximum duration +// of 3,600 seconds (1 hour). // -// The temporary security credentials created by GetFederationToken can be used -// to make API calls to any AWS service with the following exceptions: +// Permissions // -// * You cannot use these credentials to call any IAM API operations. +// You can use the temporary credentials created by GetFederationToken in any +// AWS service except the following: // -// * You cannot call any STS API operations except GetCallerIdentity. +// * You cannot call any IAM operations using the AWS CLI or the AWS API. // -// Permissions +// * You cannot call any STS operations except GetCallerIdentity. // // You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // to this operation. You can pass a single JSON policy document to use as an // inline session policy. You can also specify up to 10 managed policies to // use as managed session policies. The plain text that you use for both inline -// and managed session policies shouldn't exceed 2048 characters. +// and managed session policies can't exceed 2,048 characters. // // Though the session policy parameters are optional, if you do not pass a policy, -// then the resulting federated user session has no permissions. The only exception -// is when the credentials are used to access a resource that has a resource-based -// policy that specifically references the federated user session in the Principal -// element of the policy. When you pass session policies, the session permissions -// are the intersection of the IAM user policies and the session policies that -// you pass. This gives you a way to further restrict the permissions for a -// federated user. You cannot use session policies to grant more permissions -// than those that are defined in the permissions policy of the IAM user. For -// more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) +// then the resulting federated user session has no permissions. When you pass +// session policies, the session permissions are the intersection of the IAM +// user policies and the session policies that you pass. This gives you a way +// to further restrict the permissions for a federated user. You cannot use +// session policies to grant more permissions than those that are defined in +// the permissions policy of the IAM user. For more information, see Session +// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. For information about using GetFederationToken to // create temporary security credentials, see GetFederationToken—Federation // Through a Custom Identity Broker (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken). // +// You can use the credentials to access a resource that has a resource-based +// policy. If that policy specifically references the federated user session +// in the Principal element of the policy, the session has the permissions allowed +// by the policy. These permissions are granted in addition to the permissions +// granted by the session policies. +// +// Tags +// +// (Optional) You can pass tag key-value pairs to your session. These are called +// session tags. For more information about session tags, see Passing Session +// Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// An administrator must grant you the permissions necessary to pass session +// tags. The administrator can also create granular permissions to allow you +// to pass only specific session tags. For more information, see Tutorial: Using +// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html) +// in the IAM User Guide. +// +// Tag key–value pairs are not case sensitive, but case is preserved. This +// means that you cannot have separate Department and department tag keys. Assume +// that the user that you are federating has the Department=Marketing tag and +// you pass the department=engineering session tag. Department and department +// are not saved as separate tags, and the session tag passed in the request +// takes precedence over the user tag. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -1000,9 +1158,18 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // message describes the specific error. // // * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the policy document was too large. The error -// message describes how big the policy document is, in packed form, as a percentage -// of what the API allows. +// The request was rejected because the total packed size of the session policies +// and session tags combined was too large. An AWS conversion compresses the +// session policy document, session policy ARNs, and session tags into a packed +// binary format that has a separate limit. The error message indicates by percentage +// how close the policies and tags are to the upper size limit. For more information, +// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You could receive this error even though you meet other defined session policy +// and session tag limits. For more information, see IAM and STS Entity Character +// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. // // * ErrCodeRegionDisabledException "RegionDisabledException" // STS is not activated in the requested region for the account that is being @@ -1091,6 +1258,8 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request. // and Comparing the AWS STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // +// Session Duration +// // The GetSessionToken operation must be called by using the long-term AWS security // credentials of the AWS account root user or an IAM user. Credentials that // are created by IAM users are valid for the duration that you specify. This @@ -1099,6 +1268,8 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request. // based on account credentials can range from 900 seconds (15 minutes) up to // 3,600 seconds (1 hour), with a default of 1 hour. // +// Permissions +// // The temporary security credentials created by GetSessionToken can be used // to make API calls to any AWS service with the following exceptions: // @@ -1213,16 +1384,16 @@ type AssumeRoleInput struct { // in the IAM User Guide. // // The plain text that you use for both inline and managed session policies - // shouldn't exceed 2048 characters. The JSON policy characters can be any ASCII + // can't exceed 2,048 characters. The JSON policy characters can be any ASCII // character from the space character to the end of the valid character list // (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A), // and carriage return (\u000D) characters. // - // The characters in this parameter count towards the 2048 character session - // policy guideline. However, an AWS conversion compresses the session policies - // into a packed binary format that has a separate limit. This is the enforced - // limit. The PackedPolicySize response element indicates by percentage how - // close the policy is to the upper size limit. + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. Policy *string `min:"1" type:"string"` // The Amazon Resource Names (ARNs) of the IAM managed policies that you want @@ -1231,15 +1402,15 @@ type AssumeRoleInput struct { // // This parameter is optional. You can provide up to 10 managed policy ARNs. // However, the plain text that you use for both inline and managed session - // policies shouldn't exceed 2048 characters. For more information about ARNs, + // policies can't exceed 2,048 characters. For more information about ARNs, // see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // - // The characters in this parameter count towards the 2048 character session - // policy guideline. However, an AWS conversion compresses the session policies - // into a packed binary format that has a separate limit. This is the enforced - // limit. The PackedPolicySize response element indicates by percentage how - // close the policy is to the upper size limit. + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. // // Passing policies to this operation returns new temporary credentials. The // resulting session's permissions are the intersection of the role's identity-based @@ -1284,6 +1455,41 @@ type AssumeRoleInput struct { // also include underscores or any of the following characters: =,.@- SerialNumber *string `min:"9" type:"string"` + // A list of session tags that you want to pass. Each session tag consists of + // a key name and an associated value. For more information about session tags, + // see Tagging AWS STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) + // in the IAM User Guide. + // + // This parameter is optional. You can pass up to 50 session tags. The plain + // text session tag keys can’t exceed 128 characters, and the values can’t + // exceed 256 characters. For these and additional limits, see IAM and STS Character + // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) + // in the IAM User Guide. + // + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. + // + // You can pass a session tag with the same key as a tag that is already attached + // to the role. When you do, session tags override a role tag with the same + // key. + // + // Tag key–value pairs are not case sensitive, but case is preserved. This + // means that you cannot have separate Department and department tag keys. Assume + // that the role has the Department=Marketing tag and you pass the department=engineering + // session tag. Department and department are not saved as separate tags, and + // the session tag passed in the request takes precedence over the role tag. + // + // Additionally, if you used temporary credentials to perform this operation, + // the new session inherits any transitive session tags from the calling session. + // If you pass a session tag with the same key as an inherited tag, the operation + // fails. To view the inherited tags for a session, see the AWS CloudTrail logs. + // For more information, see Viewing Session Tags in CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/session-tags.html#id_session-tags_ctlogs) + // in the IAM User Guide. + Tags []*Tag `type:"list"` + // The value provided by the MFA device, if the trust policy of the role being // assumed requires MFA (that is, if the policy includes a condition that tests // for MFA). If the role being assumed requires MFA and if the TokenCode value @@ -1292,6 +1498,19 @@ type AssumeRoleInput struct { // The format for this parameter, as described by its regex pattern, is a sequence // of six numeric digits. TokenCode *string `min:"6" type:"string"` + + // A list of keys for session tags that you want to set as transitive. If you + // set a tag key as transitive, the corresponding key and value passes to subsequent + // sessions in a role chain. For more information, see Chaining Roles with Session + // Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) + // in the IAM User Guide. + // + // This parameter is optional. When you set session tags as transitive, the + // session policy and session tags packed binary limit is not affected. + // + // If you choose not to specify a transitive tag key, then no tags are passed + // from this session to any subsequent sessions. + TransitiveTagKeys []*string `type:"list"` } // String returns the string representation @@ -1344,6 +1563,16 @@ func (s *AssumeRoleInput) Validate() error { } } } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -1393,12 +1622,24 @@ func (s *AssumeRoleInput) SetSerialNumber(v string) *AssumeRoleInput { return s } +// SetTags sets the Tags field's value. +func (s *AssumeRoleInput) SetTags(v []*Tag) *AssumeRoleInput { + s.Tags = v + return s +} + // SetTokenCode sets the TokenCode field's value. func (s *AssumeRoleInput) SetTokenCode(v string) *AssumeRoleInput { s.TokenCode = &v return s } +// SetTransitiveTagKeys sets the TransitiveTagKeys field's value. +func (s *AssumeRoleInput) SetTransitiveTagKeys(v []*string) *AssumeRoleInput { + s.TransitiveTagKeys = v + return s +} + // Contains the response to a successful AssumeRole request, including temporary // AWS credentials that can be used to make AWS requests. type AssumeRoleOutput struct { @@ -1418,9 +1659,10 @@ type AssumeRoleOutput struct { // We strongly recommend that you make no assumptions about the maximum size. Credentials *Credentials `type:"structure"` - // A percentage value that indicates the size of the policy in packed form. - // The service rejects any policy with a packed size greater than 100 percent, - // which means the policy exceeded the allowed space. + // A percentage value that indicates the packed size of the session policies + // and session tags combined passed in the request. The request fails if the + // packed size is greater than 100 percent, which means the policies and tags + // exceeded the allowed space. PackedPolicySize *int64 `type:"integer"` } @@ -1491,16 +1733,16 @@ type AssumeRoleWithSAMLInput struct { // in the IAM User Guide. // // The plain text that you use for both inline and managed session policies - // shouldn't exceed 2048 characters. The JSON policy characters can be any ASCII + // can't exceed 2,048 characters. The JSON policy characters can be any ASCII // character from the space character to the end of the valid character list // (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A), // and carriage return (\u000D) characters. // - // The characters in this parameter count towards the 2048 character session - // policy guideline. However, an AWS conversion compresses the session policies - // into a packed binary format that has a separate limit. This is the enforced - // limit. The PackedPolicySize response element indicates by percentage how - // close the policy is to the upper size limit. + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. Policy *string `min:"1" type:"string"` // The Amazon Resource Names (ARNs) of the IAM managed policies that you want @@ -1509,15 +1751,15 @@ type AssumeRoleWithSAMLInput struct { // // This parameter is optional. You can provide up to 10 managed policy ARNs. // However, the plain text that you use for both inline and managed session - // policies shouldn't exceed 2048 characters. For more information about ARNs, + // policies can't exceed 2,048 characters. For more information about ARNs, // see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // - // The characters in this parameter count towards the 2048 character session - // policy guideline. However, an AWS conversion compresses the session policies - // into a packed binary format that has a separate limit. This is the enforced - // limit. The PackedPolicySize response element indicates by percentage how - // close the policy is to the upper size limit. + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. // // Passing policies to this operation returns new temporary credentials. The // resulting session's permissions are the intersection of the role's identity-based @@ -1673,9 +1915,10 @@ type AssumeRoleWithSAMLOutput struct { // ) ) NameQualifier *string `type:"string"` - // A percentage value that indicates the size of the policy in packed form. - // The service rejects any policy with a packed size greater than 100 percent, - // which means the policy exceeded the allowed space. + // A percentage value that indicates the packed size of the session policies + // and session tags combined passed in the request. The request fails if the + // packed size is greater than 100 percent, which means the policies and tags + // exceeded the allowed space. PackedPolicySize *int64 `type:"integer"` // The value of the NameID element in the Subject element of the SAML assertion. @@ -1786,16 +2029,16 @@ type AssumeRoleWithWebIdentityInput struct { // in the IAM User Guide. // // The plain text that you use for both inline and managed session policies - // shouldn't exceed 2048 characters. The JSON policy characters can be any ASCII + // can't exceed 2,048 characters. The JSON policy characters can be any ASCII // character from the space character to the end of the valid character list // (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A), // and carriage return (\u000D) characters. // - // The characters in this parameter count towards the 2048 character session - // policy guideline. However, an AWS conversion compresses the session policies - // into a packed binary format that has a separate limit. This is the enforced - // limit. The PackedPolicySize response element indicates by percentage how - // close the policy is to the upper size limit. + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. Policy *string `min:"1" type:"string"` // The Amazon Resource Names (ARNs) of the IAM managed policies that you want @@ -1804,15 +2047,15 @@ type AssumeRoleWithWebIdentityInput struct { // // This parameter is optional. You can provide up to 10 managed policy ARNs. // However, the plain text that you use for both inline and managed session - // policies shouldn't exceed 2048 characters. For more information about ARNs, + // policies can't exceed 2,048 characters. For more information about ARNs, // see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // - // The characters in this parameter count towards the 2048 character session - // policy guideline. However, an AWS conversion compresses the session policies - // into a packed binary format that has a separate limit. This is the enforced - // limit. The PackedPolicySize response element indicates by percentage how - // close the policy is to the upper size limit. + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. // // Passing policies to this operation returns new temporary credentials. The // resulting session's permissions are the intersection of the role's identity-based @@ -1983,9 +2226,10 @@ type AssumeRoleWithWebIdentityOutput struct { // We strongly recommend that you make no assumptions about the maximum size. Credentials *Credentials `type:"structure"` - // A percentage value that indicates the size of the policy in packed form. - // The service rejects any policy with a packed size greater than 100 percent, - // which means the policy exceeded the allowed space. + // A percentage value that indicates the packed size of the session policies + // and session tags combined passed in the request. The request fails if the + // packed size is greater than 100 percent, which means the policies and tags + // exceeded the allowed space. PackedPolicySize *int64 `type:"integer"` // The issuing authority of the web identity token presented. For OpenID Connect @@ -2057,7 +2301,7 @@ type AssumedRoleUser struct { // The ARN of the temporary security credentials that are returned from the // AssumeRole action. For more information about ARNs and how to use them in // policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) - // in Using IAM. + // in the IAM User Guide. // // Arn is a required field Arn *string `min:"20" type:"string" required:"true"` @@ -2225,7 +2469,7 @@ type FederatedUser struct { // The ARN that specifies the federated user that is associated with the credentials. // For more information about ARNs and how to use them in policies, see IAM // Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) - // in Using IAM. + // in the IAM User Guide. // // Arn is a required field Arn *string `min:"20" type:"string" required:"true"` @@ -2265,7 +2509,7 @@ type GetAccessKeyInfoInput struct { // The identifier of an access key. // // This parameter allows (through its regex pattern) a string of characters - // that can consist of any upper- or lowercased letter or digit. + // that can consist of any upper- or lowercase letter or digit. // // AccessKeyId is a required field AccessKeyId *string `min:"16" type:"string" required:"true"` @@ -2418,10 +2662,7 @@ type GetFederationTokenInput struct { // use as managed session policies. // // This parameter is optional. However, if you do not pass any session policies, - // then the resulting federated user session has no permissions. The only exception - // is when the credentials are used to access a resource that has a resource-based - // policy that specifically references the federated user session in the Principal - // element of the policy. + // then the resulting federated user session has no permissions. // // When you pass session policies, the session permissions are the intersection // of the IAM user policies and the session policies that you pass. This gives @@ -2431,17 +2672,23 @@ type GetFederationTokenInput struct { // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // + // The resulting credentials can be used to access a resource that has a resource-based + // policy. If that policy specifically references the federated user session + // in the Principal element of the policy, the session has the permissions allowed + // by the policy. These permissions are granted in addition to the permissions + // that are granted by the session policies. + // // The plain text that you use for both inline and managed session policies - // shouldn't exceed 2048 characters. The JSON policy characters can be any ASCII + // can't exceed 2,048 characters. The JSON policy characters can be any ASCII // character from the space character to the end of the valid character list // (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A), // and carriage return (\u000D) characters. // - // The characters in this parameter count towards the 2048 character session - // policy guideline. However, an AWS conversion compresses the session policies - // into a packed binary format that has a separate limit. This is the enforced - // limit. The PackedPolicySize response element indicates by percentage how - // close the policy is to the upper size limit. + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. Policy *string `min:"1" type:"string"` // The Amazon Resource Names (ARNs) of the IAM managed policies that you want @@ -2452,16 +2699,13 @@ type GetFederationTokenInput struct { // to this operation. You can pass a single JSON policy document to use as an // inline session policy. You can also specify up to 10 managed policies to // use as managed session policies. The plain text that you use for both inline - // and managed session policies shouldn't exceed 2048 characters. You can provide + // and managed session policies can't exceed 2,048 characters. You can provide // up to 10 managed policy ARNs. For more information about ARNs, see Amazon // Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // This parameter is optional. However, if you do not pass any session policies, - // then the resulting federated user session has no permissions. The only exception - // is when the credentials are used to access a resource that has a resource-based - // policy that specifically references the federated user session in the Principal - // element of the policy. + // then the resulting federated user session has no permissions. // // When you pass session policies, the session permissions are the intersection // of the IAM user policies and the session policies that you pass. This gives @@ -2471,12 +2715,46 @@ type GetFederationTokenInput struct { // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // - // The characters in this parameter count towards the 2048 character session - // policy guideline. However, an AWS conversion compresses the session policies - // into a packed binary format that has a separate limit. This is the enforced - // limit. The PackedPolicySize response element indicates by percentage how - // close the policy is to the upper size limit. + // The resulting credentials can be used to access a resource that has a resource-based + // policy. If that policy specifically references the federated user session + // in the Principal element of the policy, the session has the permissions allowed + // by the policy. These permissions are granted in addition to the permissions + // that are granted by the session policies. + // + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. PolicyArns []*PolicyDescriptorType `type:"list"` + + // A list of session tags. Each session tag consists of a key name and an associated + // value. For more information about session tags, see Passing Session Tags + // in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) + // in the IAM User Guide. + // + // This parameter is optional. You can pass up to 50 session tags. The plain + // text session tag keys can’t exceed 128 characters and the values can’t + // exceed 256 characters. For these and additional limits, see IAM and STS Character + // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) + // in the IAM User Guide. + // + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. + // + // You can pass a session tag with the same key as a tag that is already attached + // to the user you are federating. When you do, session tags override a user + // tag with the same key. + // + // Tag key–value pairs are not case sensitive, but case is preserved. This + // means that you cannot have separate Department and department tag keys. Assume + // that the role has the Department=Marketing tag and you pass the department=engineering + // session tag. Department and department are not saved as separate tags, and + // the session tag passed in the request takes precedence over the role tag. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -2514,6 +2792,16 @@ func (s *GetFederationTokenInput) Validate() error { } } } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -2545,6 +2833,12 @@ func (s *GetFederationTokenInput) SetPolicyArns(v []*PolicyDescriptorType) *GetF return s } +// SetTags sets the Tags field's value. +func (s *GetFederationTokenInput) SetTags(v []*Tag) *GetFederationTokenInput { + s.Tags = v + return s +} + // Contains the response to a successful GetFederationToken request, including // temporary AWS credentials that can be used to make AWS requests. type GetFederationTokenOutput struct { @@ -2563,9 +2857,10 @@ type GetFederationTokenOutput struct { // an Amazon S3 bucket policy. FederatedUser *FederatedUser `type:"structure"` - // A percentage value indicating the size of the policy in packed form. The - // service rejects policies for which the packed size is greater than 100 percent - // of the allowed value. + // A percentage value that indicates the packed size of the session policies + // and session tags combined passed in the request. The request fails if the + // packed size is greater than 100 percent, which means the policies and tags + // exceeded the allowed space. PackedPolicySize *int64 `type:"integer"` } @@ -2748,3 +3043,73 @@ func (s *PolicyDescriptorType) SetArn(v string) *PolicyDescriptorType { s.Arn = &v return s } + +// You can pass custom key-value pair attributes when you assume a role or federate +// a user. These are called session tags. You can then use the session tags +// to control access to resources. For more information, see Tagging AWS STS +// Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +type Tag struct { + _ struct{} `type:"structure"` + + // The key for a session tag. + // + // You can pass up to 50 session tags. The plain text session tag keys can’t + // exceed 128 characters. For these and additional limits, see IAM and STS Character + // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) + // in the IAM User Guide. + // + // Key is a required field + Key *string `min:"1" type:"string" required:"true"` + + // The value for a session tag. + // + // You can pass up to 50 session tags. The plain text session tag values can’t + // exceed 256 characters. For these and additional limits, see IAM and STS Character + // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) + // in the IAM User Guide. + // + // Value is a required field + Value *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s Tag) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Tag) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *Tag) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "Tag"} + if s.Key == nil { + invalidParams.Add(request.NewErrParamRequired("Key")) + } + if s.Key != nil && len(*s.Key) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Key", 1)) + } + if s.Value == nil { + invalidParams.Add(request.NewErrParamRequired("Value")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetKey sets the Key field's value. +func (s *Tag) SetKey(v string) *Tag { + s.Key = &v + return s +} + +// SetValue sets the Value field's value. +func (s *Tag) SetValue(v string) *Tag { + s.Value = &v + return s +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go b/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go index 41ea09c..a233f54 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go @@ -14,11 +14,11 @@ const ( // ErrCodeIDPCommunicationErrorException for service response error code // "IDPCommunicationError". // - // The request could not be fulfilled because the non-AWS identity provider - // (IDP) that was asked to verify the incoming identity token could not be reached. - // This is often a transient error caused by network conditions. Retry the request + // The request could not be fulfilled because the identity provider (IDP) that + // was asked to verify the incoming identity token could not be reached. This + // is often a transient error caused by network conditions. Retry the request // a limited number of times so that you don't exceed the request rate. If the - // error persists, the non-AWS identity provider might be down or not responding. + // error persists, the identity provider might be down or not responding. ErrCodeIDPCommunicationErrorException = "IDPCommunicationError" // ErrCodeIDPRejectedClaimException for service response error code @@ -56,9 +56,18 @@ const ( // ErrCodePackedPolicyTooLargeException for service response error code // "PackedPolicyTooLarge". // - // The request was rejected because the policy document was too large. The error - // message describes how big the policy document is, in packed form, as a percentage - // of what the API allows. + // The request was rejected because the total packed size of the session policies + // and session tags combined was too large. An AWS conversion compresses the + // session policy document, session policy ARNs, and session tags into a packed + // binary format that has a separate limit. The error message indicates by percentage + // how close the policies and tags are to the upper size limit. For more information, + // see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) + // in the IAM User Guide. + // + // You could receive this error even though you meet other defined session policy + // and session tag limits. For more information, see IAM and STS Entity Character + // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) + // in the IAM User Guide. ErrCodePackedPolicyTooLargeException = "PackedPolicyTooLarge" // ErrCodeRegionDisabledException for service response error code diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/service.go b/vendor/github.com/aws/aws-sdk-go/service/sts/service.go index 185c914..d34a685 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/service.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/service.go @@ -31,7 +31,7 @@ var initRequest func(*request.Request) const ( ServiceName = "sts" // Name of service. EndpointsID = ServiceName // ID to lookup a service endpoint with. - ServiceID = "STS" // ServiceID is a unique identifer of a specific service. + ServiceID = "STS" // ServiceID is a unique identifier of a specific service. ) // New creates a new instance of the STS client with a session. @@ -39,6 +39,8 @@ const ( // aws.Config parameter to add your extra config. // // Example: +// mySession := session.Must(session.NewSession()) +// // // Create a STS client from just a session. // svc := sts.New(mySession) // @@ -46,11 +48,11 @@ const ( // svc := sts.New(mySession, aws.NewConfig().WithRegion("us-west-2")) func New(p client.ConfigProvider, cfgs ...*aws.Config) *STS { c := p.ClientConfig(EndpointsID, cfgs...) - return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName) + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) } // newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *STS { +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *STS { svc := &STS{ Client: client.New( cfg, @@ -59,6 +61,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio ServiceID: ServiceID, SigningName: signingName, SigningRegion: signingRegion, + PartitionID: partitionID, Endpoint: endpoint, APIVersion: "2011-06-15", }, diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/delegator.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/delegator.go new file mode 100644 index 0000000..d1354b1 --- /dev/null +++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/delegator.go @@ -0,0 +1,366 @@ +// Copyright 2017 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package promhttp + +import ( + "bufio" + "io" + "net" + "net/http" +) + +const ( + closeNotifier = 1 << iota + flusher + hijacker + readerFrom + pusher +) + +type delegator interface { + http.ResponseWriter + + Status() int + Written() int64 +} + +type responseWriterDelegator struct { + http.ResponseWriter + + status int + written int64 + wroteHeader bool + observeWriteHeader func(int) +} + +func (r *responseWriterDelegator) Status() int { + return r.status +} + +func (r *responseWriterDelegator) Written() int64 { + return r.written +} + +func (r *responseWriterDelegator) WriteHeader(code int) { + r.status = code + r.wroteHeader = true + r.ResponseWriter.WriteHeader(code) + if r.observeWriteHeader != nil { + r.observeWriteHeader(code) + } +} + +func (r *responseWriterDelegator) Write(b []byte) (int, error) { + // If applicable, call WriteHeader here so that observeWriteHeader is + // handled appropriately. + if !r.wroteHeader { + r.WriteHeader(http.StatusOK) + } + n, err := r.ResponseWriter.Write(b) + r.written += int64(n) + return n, err +} + +type closeNotifierDelegator struct{ *responseWriterDelegator } +type flusherDelegator struct{ *responseWriterDelegator } +type hijackerDelegator struct{ *responseWriterDelegator } +type readerFromDelegator struct{ *responseWriterDelegator } +type pusherDelegator struct{ *responseWriterDelegator } + +func (d closeNotifierDelegator) CloseNotify() <-chan bool { + //lint:ignore SA1019 http.CloseNotifier is deprecated but we don't want to + //remove support from client_golang yet. + return d.ResponseWriter.(http.CloseNotifier).CloseNotify() +} +func (d flusherDelegator) Flush() { + // If applicable, call WriteHeader here so that observeWriteHeader is + // handled appropriately. + if !d.wroteHeader { + d.WriteHeader(http.StatusOK) + } + d.ResponseWriter.(http.Flusher).Flush() +} +func (d hijackerDelegator) Hijack() (net.Conn, *bufio.ReadWriter, error) { + return d.ResponseWriter.(http.Hijacker).Hijack() +} +func (d readerFromDelegator) ReadFrom(re io.Reader) (int64, error) { + // If applicable, call WriteHeader here so that observeWriteHeader is + // handled appropriately. + if !d.wroteHeader { + d.WriteHeader(http.StatusOK) + } + n, err := d.ResponseWriter.(io.ReaderFrom).ReadFrom(re) + d.written += n + return n, err +} +func (d pusherDelegator) Push(target string, opts *http.PushOptions) error { + return d.ResponseWriter.(http.Pusher).Push(target, opts) +} + +var pickDelegator = make([]func(*responseWriterDelegator) delegator, 32) + +func init() { + // TODO(beorn7): Code generation would help here. + pickDelegator[0] = func(d *responseWriterDelegator) delegator { // 0 + return d + } + pickDelegator[closeNotifier] = func(d *responseWriterDelegator) delegator { // 1 + return closeNotifierDelegator{d} + } + pickDelegator[flusher] = func(d *responseWriterDelegator) delegator { // 2 + return flusherDelegator{d} + } + pickDelegator[flusher+closeNotifier] = func(d *responseWriterDelegator) delegator { // 3 + return struct { + *responseWriterDelegator + http.Flusher + http.CloseNotifier + }{d, flusherDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[hijacker] = func(d *responseWriterDelegator) delegator { // 4 + return hijackerDelegator{d} + } + pickDelegator[hijacker+closeNotifier] = func(d *responseWriterDelegator) delegator { // 5 + return struct { + *responseWriterDelegator + http.Hijacker + http.CloseNotifier + }{d, hijackerDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[hijacker+flusher] = func(d *responseWriterDelegator) delegator { // 6 + return struct { + *responseWriterDelegator + http.Hijacker + http.Flusher + }{d, hijackerDelegator{d}, flusherDelegator{d}} + } + pickDelegator[hijacker+flusher+closeNotifier] = func(d *responseWriterDelegator) delegator { // 7 + return struct { + *responseWriterDelegator + http.Hijacker + http.Flusher + http.CloseNotifier + }{d, hijackerDelegator{d}, flusherDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[readerFrom] = func(d *responseWriterDelegator) delegator { // 8 + return readerFromDelegator{d} + } + pickDelegator[readerFrom+closeNotifier] = func(d *responseWriterDelegator) delegator { // 9 + return struct { + *responseWriterDelegator + io.ReaderFrom + http.CloseNotifier + }{d, readerFromDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[readerFrom+flusher] = func(d *responseWriterDelegator) delegator { // 10 + return struct { + *responseWriterDelegator + io.ReaderFrom + http.Flusher + }{d, readerFromDelegator{d}, flusherDelegator{d}} + } + pickDelegator[readerFrom+flusher+closeNotifier] = func(d *responseWriterDelegator) delegator { // 11 + return struct { + *responseWriterDelegator + io.ReaderFrom + http.Flusher + http.CloseNotifier + }{d, readerFromDelegator{d}, flusherDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[readerFrom+hijacker] = func(d *responseWriterDelegator) delegator { // 12 + return struct { + *responseWriterDelegator + io.ReaderFrom + http.Hijacker + }{d, readerFromDelegator{d}, hijackerDelegator{d}} + } + pickDelegator[readerFrom+hijacker+closeNotifier] = func(d *responseWriterDelegator) delegator { // 13 + return struct { + *responseWriterDelegator + io.ReaderFrom + http.Hijacker + http.CloseNotifier + }{d, readerFromDelegator{d}, hijackerDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[readerFrom+hijacker+flusher] = func(d *responseWriterDelegator) delegator { // 14 + return struct { + *responseWriterDelegator + io.ReaderFrom + http.Hijacker + http.Flusher + }{d, readerFromDelegator{d}, hijackerDelegator{d}, flusherDelegator{d}} + } + pickDelegator[readerFrom+hijacker+flusher+closeNotifier] = func(d *responseWriterDelegator) delegator { // 15 + return struct { + *responseWriterDelegator + io.ReaderFrom + http.Hijacker + http.Flusher + http.CloseNotifier + }{d, readerFromDelegator{d}, hijackerDelegator{d}, flusherDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[pusher] = func(d *responseWriterDelegator) delegator { // 16 + return pusherDelegator{d} + } + pickDelegator[pusher+closeNotifier] = func(d *responseWriterDelegator) delegator { // 17 + return struct { + *responseWriterDelegator + http.Pusher + http.CloseNotifier + }{d, pusherDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[pusher+flusher] = func(d *responseWriterDelegator) delegator { // 18 + return struct { + *responseWriterDelegator + http.Pusher + http.Flusher + }{d, pusherDelegator{d}, flusherDelegator{d}} + } + pickDelegator[pusher+flusher+closeNotifier] = func(d *responseWriterDelegator) delegator { // 19 + return struct { + *responseWriterDelegator + http.Pusher + http.Flusher + http.CloseNotifier + }{d, pusherDelegator{d}, flusherDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[pusher+hijacker] = func(d *responseWriterDelegator) delegator { // 20 + return struct { + *responseWriterDelegator + http.Pusher + http.Hijacker + }{d, pusherDelegator{d}, hijackerDelegator{d}} + } + pickDelegator[pusher+hijacker+closeNotifier] = func(d *responseWriterDelegator) delegator { // 21 + return struct { + *responseWriterDelegator + http.Pusher + http.Hijacker + http.CloseNotifier + }{d, pusherDelegator{d}, hijackerDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[pusher+hijacker+flusher] = func(d *responseWriterDelegator) delegator { // 22 + return struct { + *responseWriterDelegator + http.Pusher + http.Hijacker + http.Flusher + }{d, pusherDelegator{d}, hijackerDelegator{d}, flusherDelegator{d}} + } + pickDelegator[pusher+hijacker+flusher+closeNotifier] = func(d *responseWriterDelegator) delegator { //23 + return struct { + *responseWriterDelegator + http.Pusher + http.Hijacker + http.Flusher + http.CloseNotifier + }{d, pusherDelegator{d}, hijackerDelegator{d}, flusherDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[pusher+readerFrom] = func(d *responseWriterDelegator) delegator { // 24 + return struct { + *responseWriterDelegator + http.Pusher + io.ReaderFrom + }{d, pusherDelegator{d}, readerFromDelegator{d}} + } + pickDelegator[pusher+readerFrom+closeNotifier] = func(d *responseWriterDelegator) delegator { // 25 + return struct { + *responseWriterDelegator + http.Pusher + io.ReaderFrom + http.CloseNotifier + }{d, pusherDelegator{d}, readerFromDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[pusher+readerFrom+flusher] = func(d *responseWriterDelegator) delegator { // 26 + return struct { + *responseWriterDelegator + http.Pusher + io.ReaderFrom + http.Flusher + }{d, pusherDelegator{d}, readerFromDelegator{d}, flusherDelegator{d}} + } + pickDelegator[pusher+readerFrom+flusher+closeNotifier] = func(d *responseWriterDelegator) delegator { // 27 + return struct { + *responseWriterDelegator + http.Pusher + io.ReaderFrom + http.Flusher + http.CloseNotifier + }{d, pusherDelegator{d}, readerFromDelegator{d}, flusherDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[pusher+readerFrom+hijacker] = func(d *responseWriterDelegator) delegator { // 28 + return struct { + *responseWriterDelegator + http.Pusher + io.ReaderFrom + http.Hijacker + }{d, pusherDelegator{d}, readerFromDelegator{d}, hijackerDelegator{d}} + } + pickDelegator[pusher+readerFrom+hijacker+closeNotifier] = func(d *responseWriterDelegator) delegator { // 29 + return struct { + *responseWriterDelegator + http.Pusher + io.ReaderFrom + http.Hijacker + http.CloseNotifier + }{d, pusherDelegator{d}, readerFromDelegator{d}, hijackerDelegator{d}, closeNotifierDelegator{d}} + } + pickDelegator[pusher+readerFrom+hijacker+flusher] = func(d *responseWriterDelegator) delegator { // 30 + return struct { + *responseWriterDelegator + http.Pusher + io.ReaderFrom + http.Hijacker + http.Flusher + }{d, pusherDelegator{d}, readerFromDelegator{d}, hijackerDelegator{d}, flusherDelegator{d}} + } + pickDelegator[pusher+readerFrom+hijacker+flusher+closeNotifier] = func(d *responseWriterDelegator) delegator { // 31 + return struct { + *responseWriterDelegator + http.Pusher + io.ReaderFrom + http.Hijacker + http.Flusher + http.CloseNotifier + }{d, pusherDelegator{d}, readerFromDelegator{d}, hijackerDelegator{d}, flusherDelegator{d}, closeNotifierDelegator{d}} + } +} + +func newDelegator(w http.ResponseWriter, observeWriteHeaderFunc func(int)) delegator { + d := &responseWriterDelegator{ + ResponseWriter: w, + observeWriteHeader: observeWriteHeaderFunc, + } + + id := 0 + //lint:ignore SA1019 http.CloseNotifier is deprecated but we don't want to + //remove support from client_golang yet. + if _, ok := w.(http.CloseNotifier); ok { + id += closeNotifier + } + if _, ok := w.(http.Flusher); ok { + id += flusher + } + if _, ok := w.(http.Hijacker); ok { + id += hijacker + } + if _, ok := w.(io.ReaderFrom); ok { + id += readerFrom + } + if _, ok := w.(http.Pusher); ok { + id += pusher + } + + return pickDelegator[id](d) +} diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go new file mode 100644 index 0000000..b0ee467 --- /dev/null +++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go @@ -0,0 +1,380 @@ +// Copyright 2016 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Package promhttp provides tooling around HTTP servers and clients. +// +// First, the package allows the creation of http.Handler instances to expose +// Prometheus metrics via HTTP. promhttp.Handler acts on the +// prometheus.DefaultGatherer. With HandlerFor, you can create a handler for a +// custom registry or anything that implements the Gatherer interface. It also +// allows the creation of handlers that act differently on errors or allow to +// log errors. +// +// Second, the package provides tooling to instrument instances of http.Handler +// via middleware. Middleware wrappers follow the naming scheme +// InstrumentHandlerX, where X describes the intended use of the middleware. +// See each function's doc comment for specific details. +// +// Finally, the package allows for an http.RoundTripper to be instrumented via +// middleware. Middleware wrappers follow the naming scheme +// InstrumentRoundTripperX, where X describes the intended use of the +// middleware. See each function's doc comment for specific details. +package promhttp + +import ( + "compress/gzip" + "fmt" + "io" + "net/http" + "strings" + "sync" + "time" + + "github.com/prometheus/common/expfmt" + + "github.com/prometheus/client_golang/prometheus" +) + +const ( + contentTypeHeader = "Content-Type" + contentEncodingHeader = "Content-Encoding" + acceptEncodingHeader = "Accept-Encoding" +) + +var gzipPool = sync.Pool{ + New: func() interface{} { + return gzip.NewWriter(nil) + }, +} + +// Handler returns an http.Handler for the prometheus.DefaultGatherer, using +// default HandlerOpts, i.e. it reports the first error as an HTTP error, it has +// no error logging, and it applies compression if requested by the client. +// +// The returned http.Handler is already instrumented using the +// InstrumentMetricHandler function and the prometheus.DefaultRegisterer. If you +// create multiple http.Handlers by separate calls of the Handler function, the +// metrics used for instrumentation will be shared between them, providing +// global scrape counts. +// +// This function is meant to cover the bulk of basic use cases. If you are doing +// anything that requires more customization (including using a non-default +// Gatherer, different instrumentation, and non-default HandlerOpts), use the +// HandlerFor function. See there for details. +func Handler() http.Handler { + return InstrumentMetricHandler( + prometheus.DefaultRegisterer, HandlerFor(prometheus.DefaultGatherer, HandlerOpts{}), + ) +} + +// HandlerFor returns an uninstrumented http.Handler for the provided +// Gatherer. The behavior of the Handler is defined by the provided +// HandlerOpts. Thus, HandlerFor is useful to create http.Handlers for custom +// Gatherers, with non-default HandlerOpts, and/or with custom (or no) +// instrumentation. Use the InstrumentMetricHandler function to apply the same +// kind of instrumentation as it is used by the Handler function. +func HandlerFor(reg prometheus.Gatherer, opts HandlerOpts) http.Handler { + var ( + inFlightSem chan struct{} + errCnt = prometheus.NewCounterVec( + prometheus.CounterOpts{ + Name: "promhttp_metric_handler_errors_total", + Help: "Total number of internal errors encountered by the promhttp metric handler.", + }, + []string{"cause"}, + ) + ) + + if opts.MaxRequestsInFlight > 0 { + inFlightSem = make(chan struct{}, opts.MaxRequestsInFlight) + } + if opts.Registry != nil { + // Initialize all possibilites that can occur below. + errCnt.WithLabelValues("gathering") + errCnt.WithLabelValues("encoding") + if err := opts.Registry.Register(errCnt); err != nil { + if are, ok := err.(prometheus.AlreadyRegisteredError); ok { + errCnt = are.ExistingCollector.(*prometheus.CounterVec) + } else { + panic(err) + } + } + } + + h := http.HandlerFunc(func(rsp http.ResponseWriter, req *http.Request) { + if inFlightSem != nil { + select { + case inFlightSem <- struct{}{}: // All good, carry on. + defer func() { <-inFlightSem }() + default: + http.Error(rsp, fmt.Sprintf( + "Limit of concurrent requests reached (%d), try again later.", opts.MaxRequestsInFlight, + ), http.StatusServiceUnavailable) + return + } + } + mfs, err := reg.Gather() + if err != nil { + if opts.ErrorLog != nil { + opts.ErrorLog.Println("error gathering metrics:", err) + } + errCnt.WithLabelValues("gathering").Inc() + switch opts.ErrorHandling { + case PanicOnError: + panic(err) + case ContinueOnError: + if len(mfs) == 0 { + // Still report the error if no metrics have been gathered. + httpError(rsp, err) + return + } + case HTTPErrorOnError: + httpError(rsp, err) + return + } + } + + var contentType expfmt.Format + if opts.EnableOpenMetrics { + contentType = expfmt.NegotiateIncludingOpenMetrics(req.Header) + } else { + contentType = expfmt.Negotiate(req.Header) + } + header := rsp.Header() + header.Set(contentTypeHeader, string(contentType)) + + w := io.Writer(rsp) + if !opts.DisableCompression && gzipAccepted(req.Header) { + header.Set(contentEncodingHeader, "gzip") + gz := gzipPool.Get().(*gzip.Writer) + defer gzipPool.Put(gz) + + gz.Reset(w) + defer gz.Close() + + w = gz + } + + enc := expfmt.NewEncoder(w, contentType) + + var lastErr error + + // handleError handles the error according to opts.ErrorHandling + // and returns true if we have to abort after the handling. + handleError := func(err error) bool { + if err == nil { + return false + } + lastErr = err + if opts.ErrorLog != nil { + opts.ErrorLog.Println("error encoding and sending metric family:", err) + } + errCnt.WithLabelValues("encoding").Inc() + switch opts.ErrorHandling { + case PanicOnError: + panic(err) + case HTTPErrorOnError: + httpError(rsp, err) + return true + } + // Do nothing in all other cases, including ContinueOnError. + return false + } + + for _, mf := range mfs { + if handleError(enc.Encode(mf)) { + return + } + } + if closer, ok := enc.(expfmt.Closer); ok { + // This in particular takes care of the final "# EOF\n" line for OpenMetrics. + if handleError(closer.Close()) { + return + } + } + + if lastErr != nil { + httpError(rsp, lastErr) + } + }) + + if opts.Timeout <= 0 { + return h + } + return http.TimeoutHandler(h, opts.Timeout, fmt.Sprintf( + "Exceeded configured timeout of %v.\n", + opts.Timeout, + )) +} + +// InstrumentMetricHandler is usually used with an http.Handler returned by the +// HandlerFor function. It instruments the provided http.Handler with two +// metrics: A counter vector "promhttp_metric_handler_requests_total" to count +// scrapes partitioned by HTTP status code, and a gauge +// "promhttp_metric_handler_requests_in_flight" to track the number of +// simultaneous scrapes. This function idempotently registers collectors for +// both metrics with the provided Registerer. It panics if the registration +// fails. The provided metrics are useful to see how many scrapes hit the +// monitored target (which could be from different Prometheus servers or other +// scrapers), and how often they overlap (which would result in more than one +// scrape in flight at the same time). Note that the scrapes-in-flight gauge +// will contain the scrape by which it is exposed, while the scrape counter will +// only get incremented after the scrape is complete (as only then the status +// code is known). For tracking scrape durations, use the +// "scrape_duration_seconds" gauge created by the Prometheus server upon each +// scrape. +func InstrumentMetricHandler(reg prometheus.Registerer, handler http.Handler) http.Handler { + cnt := prometheus.NewCounterVec( + prometheus.CounterOpts{ + Name: "promhttp_metric_handler_requests_total", + Help: "Total number of scrapes by HTTP status code.", + }, + []string{"code"}, + ) + // Initialize the most likely HTTP status codes. + cnt.WithLabelValues("200") + cnt.WithLabelValues("500") + cnt.WithLabelValues("503") + if err := reg.Register(cnt); err != nil { + if are, ok := err.(prometheus.AlreadyRegisteredError); ok { + cnt = are.ExistingCollector.(*prometheus.CounterVec) + } else { + panic(err) + } + } + + gge := prometheus.NewGauge(prometheus.GaugeOpts{ + Name: "promhttp_metric_handler_requests_in_flight", + Help: "Current number of scrapes being served.", + }) + if err := reg.Register(gge); err != nil { + if are, ok := err.(prometheus.AlreadyRegisteredError); ok { + gge = are.ExistingCollector.(prometheus.Gauge) + } else { + panic(err) + } + } + + return InstrumentHandlerCounter(cnt, InstrumentHandlerInFlight(gge, handler)) +} + +// HandlerErrorHandling defines how a Handler serving metrics will handle +// errors. +type HandlerErrorHandling int + +// These constants cause handlers serving metrics to behave as described if +// errors are encountered. +const ( + // Serve an HTTP status code 500 upon the first error + // encountered. Report the error message in the body. + HTTPErrorOnError HandlerErrorHandling = iota + // Ignore errors and try to serve as many metrics as possible. However, + // if no metrics can be served, serve an HTTP status code 500 and the + // last error message in the body. Only use this in deliberate "best + // effort" metrics collection scenarios. In this case, it is highly + // recommended to provide other means of detecting errors: By setting an + // ErrorLog in HandlerOpts, the errors are logged. By providing a + // Registry in HandlerOpts, the exposed metrics include an error counter + // "promhttp_metric_handler_errors_total", which can be used for + // alerts. + ContinueOnError + // Panic upon the first error encountered (useful for "crash only" apps). + PanicOnError +) + +// Logger is the minimal interface HandlerOpts needs for logging. Note that +// log.Logger from the standard library implements this interface, and it is +// easy to implement by custom loggers, if they don't do so already anyway. +type Logger interface { + Println(v ...interface{}) +} + +// HandlerOpts specifies options how to serve metrics via an http.Handler. The +// zero value of HandlerOpts is a reasonable default. +type HandlerOpts struct { + // ErrorLog specifies an optional logger for errors collecting and + // serving metrics. If nil, errors are not logged at all. + ErrorLog Logger + // ErrorHandling defines how errors are handled. Note that errors are + // logged regardless of the configured ErrorHandling provided ErrorLog + // is not nil. + ErrorHandling HandlerErrorHandling + // If Registry is not nil, it is used to register a metric + // "promhttp_metric_handler_errors_total", partitioned by "cause". A + // failed registration causes a panic. Note that this error counter is + // different from the instrumentation you get from the various + // InstrumentHandler... helpers. It counts errors that don't necessarily + // result in a non-2xx HTTP status code. There are two typical cases: + // (1) Encoding errors that only happen after streaming of the HTTP body + // has already started (and the status code 200 has been sent). This + // should only happen with custom collectors. (2) Collection errors with + // no effect on the HTTP status code because ErrorHandling is set to + // ContinueOnError. + Registry prometheus.Registerer + // If DisableCompression is true, the handler will never compress the + // response, even if requested by the client. + DisableCompression bool + // The number of concurrent HTTP requests is limited to + // MaxRequestsInFlight. Additional requests are responded to with 503 + // Service Unavailable and a suitable message in the body. If + // MaxRequestsInFlight is 0 or negative, no limit is applied. + MaxRequestsInFlight int + // If handling a request takes longer than Timeout, it is responded to + // with 503 ServiceUnavailable and a suitable Message. No timeout is + // applied if Timeout is 0 or negative. Note that with the current + // implementation, reaching the timeout simply ends the HTTP requests as + // described above (and even that only if sending of the body hasn't + // started yet), while the bulk work of gathering all the metrics keeps + // running in the background (with the eventual result to be thrown + // away). Until the implementation is improved, it is recommended to + // implement a separate timeout in potentially slow Collectors. + Timeout time.Duration + // If true, the experimental OpenMetrics encoding is added to the + // possible options during content negotiation. Note that Prometheus + // 2.5.0+ will negotiate OpenMetrics as first priority. OpenMetrics is + // the only way to transmit exemplars. However, the move to OpenMetrics + // is not completely transparent. Most notably, the values of "quantile" + // labels of Summaries and "le" labels of Histograms are formatted with + // a trailing ".0" if they would otherwise look like integer numbers + // (which changes the identity of the resulting series on the Prometheus + // server). + EnableOpenMetrics bool +} + +// gzipAccepted returns whether the client will accept gzip-encoded content. +func gzipAccepted(header http.Header) bool { + a := header.Get(acceptEncodingHeader) + parts := strings.Split(a, ",") + for _, part := range parts { + part = strings.TrimSpace(part) + if part == "gzip" || strings.HasPrefix(part, "gzip;") { + return true + } + } + return false +} + +// httpError removes any content-encoding header and then calls http.Error with +// the provided error and http.StatusInternalServerErrer. Error contents is +// supposed to be uncompressed plain text. However, same as with a plain +// http.Error, any header settings will be void if the header has already been +// sent. The error message will still be written to the writer, but it will +// probably be of limited use. +func httpError(rsp http.ResponseWriter, err error) { + rsp.Header().Del(contentEncodingHeader) + http.Error( + rsp, + "An error has occurred while serving metrics:\n\n"+err.Error(), + http.StatusInternalServerError, + ) +} diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_client.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_client.go new file mode 100644 index 0000000..83c49b6 --- /dev/null +++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_client.go @@ -0,0 +1,219 @@ +// Copyright 2017 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package promhttp + +import ( + "crypto/tls" + "net/http" + "net/http/httptrace" + "time" + + "github.com/prometheus/client_golang/prometheus" +) + +// The RoundTripperFunc type is an adapter to allow the use of ordinary +// functions as RoundTrippers. If f is a function with the appropriate +// signature, RountTripperFunc(f) is a RoundTripper that calls f. +type RoundTripperFunc func(req *http.Request) (*http.Response, error) + +// RoundTrip implements the RoundTripper interface. +func (rt RoundTripperFunc) RoundTrip(r *http.Request) (*http.Response, error) { + return rt(r) +} + +// InstrumentRoundTripperInFlight is a middleware that wraps the provided +// http.RoundTripper. It sets the provided prometheus.Gauge to the number of +// requests currently handled by the wrapped http.RoundTripper. +// +// See the example for ExampleInstrumentRoundTripperDuration for example usage. +func InstrumentRoundTripperInFlight(gauge prometheus.Gauge, next http.RoundTripper) RoundTripperFunc { + return RoundTripperFunc(func(r *http.Request) (*http.Response, error) { + gauge.Inc() + defer gauge.Dec() + return next.RoundTrip(r) + }) +} + +// InstrumentRoundTripperCounter is a middleware that wraps the provided +// http.RoundTripper to observe the request result with the provided CounterVec. +// The CounterVec must have zero, one, or two non-const non-curried labels. For +// those, the only allowed label names are "code" and "method". The function +// panics otherwise. Partitioning of the CounterVec happens by HTTP status code +// and/or HTTP method if the respective instance label names are present in the +// CounterVec. For unpartitioned counting, use a CounterVec with zero labels. +// +// If the wrapped RoundTripper panics or returns a non-nil error, the Counter +// is not incremented. +// +// See the example for ExampleInstrumentRoundTripperDuration for example usage. +func InstrumentRoundTripperCounter(counter *prometheus.CounterVec, next http.RoundTripper) RoundTripperFunc { + code, method := checkLabels(counter) + + return RoundTripperFunc(func(r *http.Request) (*http.Response, error) { + resp, err := next.RoundTrip(r) + if err == nil { + counter.With(labels(code, method, r.Method, resp.StatusCode)).Inc() + } + return resp, err + }) +} + +// InstrumentRoundTripperDuration is a middleware that wraps the provided +// http.RoundTripper to observe the request duration with the provided +// ObserverVec. The ObserverVec must have zero, one, or two non-const +// non-curried labels. For those, the only allowed label names are "code" and +// "method". The function panics otherwise. The Observe method of the Observer +// in the ObserverVec is called with the request duration in +// seconds. Partitioning happens by HTTP status code and/or HTTP method if the +// respective instance label names are present in the ObserverVec. For +// unpartitioned observations, use an ObserverVec with zero labels. Note that +// partitioning of Histograms is expensive and should be used judiciously. +// +// If the wrapped RoundTripper panics or returns a non-nil error, no values are +// reported. +// +// Note that this method is only guaranteed to never observe negative durations +// if used with Go1.9+. +func InstrumentRoundTripperDuration(obs prometheus.ObserverVec, next http.RoundTripper) RoundTripperFunc { + code, method := checkLabels(obs) + + return RoundTripperFunc(func(r *http.Request) (*http.Response, error) { + start := time.Now() + resp, err := next.RoundTrip(r) + if err == nil { + obs.With(labels(code, method, r.Method, resp.StatusCode)).Observe(time.Since(start).Seconds()) + } + return resp, err + }) +} + +// InstrumentTrace is used to offer flexibility in instrumenting the available +// httptrace.ClientTrace hook functions. Each function is passed a float64 +// representing the time in seconds since the start of the http request. A user +// may choose to use separately buckets Histograms, or implement custom +// instance labels on a per function basis. +type InstrumentTrace struct { + GotConn func(float64) + PutIdleConn func(float64) + GotFirstResponseByte func(float64) + Got100Continue func(float64) + DNSStart func(float64) + DNSDone func(float64) + ConnectStart func(float64) + ConnectDone func(float64) + TLSHandshakeStart func(float64) + TLSHandshakeDone func(float64) + WroteHeaders func(float64) + Wait100Continue func(float64) + WroteRequest func(float64) +} + +// InstrumentRoundTripperTrace is a middleware that wraps the provided +// RoundTripper and reports times to hook functions provided in the +// InstrumentTrace struct. Hook functions that are not present in the provided +// InstrumentTrace struct are ignored. Times reported to the hook functions are +// time since the start of the request. Only with Go1.9+, those times are +// guaranteed to never be negative. (Earlier Go versions are not using a +// monotonic clock.) Note that partitioning of Histograms is expensive and +// should be used judiciously. +// +// For hook functions that receive an error as an argument, no observations are +// made in the event of a non-nil error value. +// +// See the example for ExampleInstrumentRoundTripperDuration for example usage. +func InstrumentRoundTripperTrace(it *InstrumentTrace, next http.RoundTripper) RoundTripperFunc { + return RoundTripperFunc(func(r *http.Request) (*http.Response, error) { + start := time.Now() + + trace := &httptrace.ClientTrace{ + GotConn: func(_ httptrace.GotConnInfo) { + if it.GotConn != nil { + it.GotConn(time.Since(start).Seconds()) + } + }, + PutIdleConn: func(err error) { + if err != nil { + return + } + if it.PutIdleConn != nil { + it.PutIdleConn(time.Since(start).Seconds()) + } + }, + DNSStart: func(_ httptrace.DNSStartInfo) { + if it.DNSStart != nil { + it.DNSStart(time.Since(start).Seconds()) + } + }, + DNSDone: func(_ httptrace.DNSDoneInfo) { + if it.DNSDone != nil { + it.DNSDone(time.Since(start).Seconds()) + } + }, + ConnectStart: func(_, _ string) { + if it.ConnectStart != nil { + it.ConnectStart(time.Since(start).Seconds()) + } + }, + ConnectDone: func(_, _ string, err error) { + if err != nil { + return + } + if it.ConnectDone != nil { + it.ConnectDone(time.Since(start).Seconds()) + } + }, + GotFirstResponseByte: func() { + if it.GotFirstResponseByte != nil { + it.GotFirstResponseByte(time.Since(start).Seconds()) + } + }, + Got100Continue: func() { + if it.Got100Continue != nil { + it.Got100Continue(time.Since(start).Seconds()) + } + }, + TLSHandshakeStart: func() { + if it.TLSHandshakeStart != nil { + it.TLSHandshakeStart(time.Since(start).Seconds()) + } + }, + TLSHandshakeDone: func(_ tls.ConnectionState, err error) { + if err != nil { + return + } + if it.TLSHandshakeDone != nil { + it.TLSHandshakeDone(time.Since(start).Seconds()) + } + }, + WroteHeaders: func() { + if it.WroteHeaders != nil { + it.WroteHeaders(time.Since(start).Seconds()) + } + }, + Wait100Continue: func() { + if it.Wait100Continue != nil { + it.Wait100Continue(time.Since(start).Seconds()) + } + }, + WroteRequest: func(_ httptrace.WroteRequestInfo) { + if it.WroteRequest != nil { + it.WroteRequest(time.Since(start).Seconds()) + } + }, + } + r = r.WithContext(httptrace.WithClientTrace(r.Context(), trace)) + + return next.RoundTrip(r) + }) +} diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_server.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_server.go new file mode 100644 index 0000000..9db2438 --- /dev/null +++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_server.go @@ -0,0 +1,447 @@ +// Copyright 2017 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package promhttp + +import ( + "errors" + "net/http" + "strconv" + "strings" + "time" + + dto "github.com/prometheus/client_model/go" + + "github.com/prometheus/client_golang/prometheus" +) + +// magicString is used for the hacky label test in checkLabels. Remove once fixed. +const magicString = "zZgWfBxLqvG8kc8IMv3POi2Bb0tZI3vAnBx+gBaFi9FyPzB/CzKUer1yufDa" + +// InstrumentHandlerInFlight is a middleware that wraps the provided +// http.Handler. It sets the provided prometheus.Gauge to the number of +// requests currently handled by the wrapped http.Handler. +// +// See the example for InstrumentHandlerDuration for example usage. +func InstrumentHandlerInFlight(g prometheus.Gauge, next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + g.Inc() + defer g.Dec() + next.ServeHTTP(w, r) + }) +} + +// InstrumentHandlerDuration is a middleware that wraps the provided +// http.Handler to observe the request duration with the provided ObserverVec. +// The ObserverVec must have zero, one, or two non-const non-curried labels. For +// those, the only allowed label names are "code" and "method". The function +// panics otherwise. The Observe method of the Observer in the ObserverVec is +// called with the request duration in seconds. Partitioning happens by HTTP +// status code and/or HTTP method if the respective instance label names are +// present in the ObserverVec. For unpartitioned observations, use an +// ObserverVec with zero labels. Note that partitioning of Histograms is +// expensive and should be used judiciously. +// +// If the wrapped Handler does not set a status code, a status code of 200 is assumed. +// +// If the wrapped Handler panics, no values are reported. +// +// Note that this method is only guaranteed to never observe negative durations +// if used with Go1.9+. +func InstrumentHandlerDuration(obs prometheus.ObserverVec, next http.Handler) http.HandlerFunc { + code, method := checkLabels(obs) + + if code { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + now := time.Now() + d := newDelegator(w, nil) + next.ServeHTTP(d, r) + + obs.With(labels(code, method, r.Method, d.Status())).Observe(time.Since(now).Seconds()) + }) + } + + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + now := time.Now() + next.ServeHTTP(w, r) + obs.With(labels(code, method, r.Method, 0)).Observe(time.Since(now).Seconds()) + }) +} + +// InstrumentHandlerCounter is a middleware that wraps the provided http.Handler +// to observe the request result with the provided CounterVec. The CounterVec +// must have zero, one, or two non-const non-curried labels. For those, the only +// allowed label names are "code" and "method". The function panics +// otherwise. Partitioning of the CounterVec happens by HTTP status code and/or +// HTTP method if the respective instance label names are present in the +// CounterVec. For unpartitioned counting, use a CounterVec with zero labels. +// +// If the wrapped Handler does not set a status code, a status code of 200 is assumed. +// +// If the wrapped Handler panics, the Counter is not incremented. +// +// See the example for InstrumentHandlerDuration for example usage. +func InstrumentHandlerCounter(counter *prometheus.CounterVec, next http.Handler) http.HandlerFunc { + code, method := checkLabels(counter) + + if code { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + d := newDelegator(w, nil) + next.ServeHTTP(d, r) + counter.With(labels(code, method, r.Method, d.Status())).Inc() + }) + } + + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + next.ServeHTTP(w, r) + counter.With(labels(code, method, r.Method, 0)).Inc() + }) +} + +// InstrumentHandlerTimeToWriteHeader is a middleware that wraps the provided +// http.Handler to observe with the provided ObserverVec the request duration +// until the response headers are written. The ObserverVec must have zero, one, +// or two non-const non-curried labels. For those, the only allowed label names +// are "code" and "method". The function panics otherwise. The Observe method of +// the Observer in the ObserverVec is called with the request duration in +// seconds. Partitioning happens by HTTP status code and/or HTTP method if the +// respective instance label names are present in the ObserverVec. For +// unpartitioned observations, use an ObserverVec with zero labels. Note that +// partitioning of Histograms is expensive and should be used judiciously. +// +// If the wrapped Handler panics before calling WriteHeader, no value is +// reported. +// +// Note that this method is only guaranteed to never observe negative durations +// if used with Go1.9+. +// +// See the example for InstrumentHandlerDuration for example usage. +func InstrumentHandlerTimeToWriteHeader(obs prometheus.ObserverVec, next http.Handler) http.HandlerFunc { + code, method := checkLabels(obs) + + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + now := time.Now() + d := newDelegator(w, func(status int) { + obs.With(labels(code, method, r.Method, status)).Observe(time.Since(now).Seconds()) + }) + next.ServeHTTP(d, r) + }) +} + +// InstrumentHandlerRequestSize is a middleware that wraps the provided +// http.Handler to observe the request size with the provided ObserverVec. The +// ObserverVec must have zero, one, or two non-const non-curried labels. For +// those, the only allowed label names are "code" and "method". The function +// panics otherwise. The Observe method of the Observer in the ObserverVec is +// called with the request size in bytes. Partitioning happens by HTTP status +// code and/or HTTP method if the respective instance label names are present in +// the ObserverVec. For unpartitioned observations, use an ObserverVec with zero +// labels. Note that partitioning of Histograms is expensive and should be used +// judiciously. +// +// If the wrapped Handler does not set a status code, a status code of 200 is assumed. +// +// If the wrapped Handler panics, no values are reported. +// +// See the example for InstrumentHandlerDuration for example usage. +func InstrumentHandlerRequestSize(obs prometheus.ObserverVec, next http.Handler) http.HandlerFunc { + code, method := checkLabels(obs) + + if code { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + d := newDelegator(w, nil) + next.ServeHTTP(d, r) + size := computeApproximateRequestSize(r) + obs.With(labels(code, method, r.Method, d.Status())).Observe(float64(size)) + }) + } + + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + next.ServeHTTP(w, r) + size := computeApproximateRequestSize(r) + obs.With(labels(code, method, r.Method, 0)).Observe(float64(size)) + }) +} + +// InstrumentHandlerResponseSize is a middleware that wraps the provided +// http.Handler to observe the response size with the provided ObserverVec. The +// ObserverVec must have zero, one, or two non-const non-curried labels. For +// those, the only allowed label names are "code" and "method". The function +// panics otherwise. The Observe method of the Observer in the ObserverVec is +// called with the response size in bytes. Partitioning happens by HTTP status +// code and/or HTTP method if the respective instance label names are present in +// the ObserverVec. For unpartitioned observations, use an ObserverVec with zero +// labels. Note that partitioning of Histograms is expensive and should be used +// judiciously. +// +// If the wrapped Handler does not set a status code, a status code of 200 is assumed. +// +// If the wrapped Handler panics, no values are reported. +// +// See the example for InstrumentHandlerDuration for example usage. +func InstrumentHandlerResponseSize(obs prometheus.ObserverVec, next http.Handler) http.Handler { + code, method := checkLabels(obs) + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + d := newDelegator(w, nil) + next.ServeHTTP(d, r) + obs.With(labels(code, method, r.Method, d.Status())).Observe(float64(d.Written())) + }) +} + +func checkLabels(c prometheus.Collector) (code bool, method bool) { + // TODO(beorn7): Remove this hacky way to check for instance labels + // once Descriptors can have their dimensionality queried. + var ( + desc *prometheus.Desc + m prometheus.Metric + pm dto.Metric + lvs []string + ) + + // Get the Desc from the Collector. + descc := make(chan *prometheus.Desc, 1) + c.Describe(descc) + + select { + case desc = <-descc: + default: + panic("no description provided by collector") + } + select { + case <-descc: + panic("more than one description provided by collector") + default: + } + + close(descc) + + // Create a ConstMetric with the Desc. Since we don't know how many + // variable labels there are, try for as long as it needs. + for err := errors.New("dummy"); err != nil; lvs = append(lvs, magicString) { + m, err = prometheus.NewConstMetric(desc, prometheus.UntypedValue, 0, lvs...) + } + + // Write out the metric into a proto message and look at the labels. + // If the value is not the magicString, it is a constLabel, which doesn't interest us. + // If the label is curried, it doesn't interest us. + // In all other cases, only "code" or "method" is allowed. + if err := m.Write(&pm); err != nil { + panic("error checking metric for labels") + } + for _, label := range pm.Label { + name, value := label.GetName(), label.GetValue() + if value != magicString || isLabelCurried(c, name) { + continue + } + switch name { + case "code": + code = true + case "method": + method = true + default: + panic("metric partitioned with non-supported labels") + } + } + return +} + +func isLabelCurried(c prometheus.Collector, label string) bool { + // This is even hackier than the label test above. + // We essentially try to curry again and see if it works. + // But for that, we need to type-convert to the two + // types we use here, ObserverVec or *CounterVec. + switch v := c.(type) { + case *prometheus.CounterVec: + if _, err := v.CurryWith(prometheus.Labels{label: "dummy"}); err == nil { + return false + } + case prometheus.ObserverVec: + if _, err := v.CurryWith(prometheus.Labels{label: "dummy"}); err == nil { + return false + } + default: + panic("unsupported metric vec type") + } + return true +} + +// emptyLabels is a one-time allocation for non-partitioned metrics to avoid +// unnecessary allocations on each request. +var emptyLabels = prometheus.Labels{} + +func labels(code, method bool, reqMethod string, status int) prometheus.Labels { + if !(code || method) { + return emptyLabels + } + labels := prometheus.Labels{} + + if code { + labels["code"] = sanitizeCode(status) + } + if method { + labels["method"] = sanitizeMethod(reqMethod) + } + + return labels +} + +func computeApproximateRequestSize(r *http.Request) int { + s := 0 + if r.URL != nil { + s += len(r.URL.String()) + } + + s += len(r.Method) + s += len(r.Proto) + for name, values := range r.Header { + s += len(name) + for _, value := range values { + s += len(value) + } + } + s += len(r.Host) + + // N.B. r.Form and r.MultipartForm are assumed to be included in r.URL. + + if r.ContentLength != -1 { + s += int(r.ContentLength) + } + return s +} + +func sanitizeMethod(m string) string { + switch m { + case "GET", "get": + return "get" + case "PUT", "put": + return "put" + case "HEAD", "head": + return "head" + case "POST", "post": + return "post" + case "DELETE", "delete": + return "delete" + case "CONNECT", "connect": + return "connect" + case "OPTIONS", "options": + return "options" + case "NOTIFY", "notify": + return "notify" + default: + return strings.ToLower(m) + } +} + +// If the wrapped http.Handler has not set a status code, i.e. the value is +// currently 0, santizeCode will return 200, for consistency with behavior in +// the stdlib. +func sanitizeCode(s int) string { + switch s { + case 100: + return "100" + case 101: + return "101" + + case 200, 0: + return "200" + case 201: + return "201" + case 202: + return "202" + case 203: + return "203" + case 204: + return "204" + case 205: + return "205" + case 206: + return "206" + + case 300: + return "300" + case 301: + return "301" + case 302: + return "302" + case 304: + return "304" + case 305: + return "305" + case 307: + return "307" + + case 400: + return "400" + case 401: + return "401" + case 402: + return "402" + case 403: + return "403" + case 404: + return "404" + case 405: + return "405" + case 406: + return "406" + case 407: + return "407" + case 408: + return "408" + case 409: + return "409" + case 410: + return "410" + case 411: + return "411" + case 412: + return "412" + case 413: + return "413" + case 414: + return "414" + case 415: + return "415" + case 416: + return "416" + case 417: + return "417" + case 418: + return "418" + + case 500: + return "500" + case 501: + return "501" + case 502: + return "502" + case 503: + return "503" + case 504: + return "504" + case 505: + return "505" + + case 428: + return "428" + case 429: + return "429" + case 431: + return "431" + case 511: + return "511" + + default: + return strconv.Itoa(s) + } +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 788a99a..1554628 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -3,7 +3,7 @@ github.com/alecthomas/template github.com/alecthomas/template/parse # github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4 github.com/alecthomas/units -# github.com/aws/aws-sdk-go v1.25.9 +# github.com/aws/aws-sdk-go v1.29.2 github.com/aws/aws-sdk-go/aws github.com/aws/aws-sdk-go/aws/awserr github.com/aws/aws-sdk-go/aws/awsutil @@ -28,6 +28,8 @@ github.com/aws/aws-sdk-go/internal/sdkmath github.com/aws/aws-sdk-go/internal/sdkrand github.com/aws/aws-sdk-go/internal/sdkuri github.com/aws/aws-sdk-go/internal/shareddefaults +github.com/aws/aws-sdk-go/internal/strings +github.com/aws/aws-sdk-go/internal/sync/singleflight github.com/aws/aws-sdk-go/private/protocol github.com/aws/aws-sdk-go/private/protocol/json/jsonutil github.com/aws/aws-sdk-go/private/protocol/query @@ -56,6 +58,7 @@ github.com/matttproud/golang_protobuf_extensions/pbutil # github.com/prometheus/client_golang v1.4.1 github.com/prometheus/client_golang/prometheus github.com/prometheus/client_golang/prometheus/internal +github.com/prometheus/client_golang/prometheus/promhttp # github.com/prometheus/client_model v0.2.0 github.com/prometheus/client_model/go # github.com/prometheus/common v0.9.1